Staff Security Engineer @ ShipBob

As a member of the ShipBob Team, you will benefit from an environment where everything is achievable. We aim to be a place where you can:

Write Your Career Story. Because we are solving some of the most difficult problems in global commerce, you have the opportunity to write the story that will make your career.
Experience Global Impact and Global Connection. At ShipBob we benefit from diverse cultures and perspectives in service of the global community.
Grow With An Ownership Mindset. We believe that great innovation comes from great transparency. We are more resilient and more creative when we have an inclusive and transparent culture where everyone knows our strengths and opportunities.

Title: Staff Security Engineer, (Access Control & Identity Access Management),

Location: Remote in these states:AZ, CA, CO, FL, GA, KS, KY, IA, ID, IL, IN, MA, ME, MI, MN, MO, NC, NH, NJ, NV, NY, OH, OR, PA, RI, SC, SD, TN, TX, UT, VA, VT, WA, WI

Role Description:

As a Staff Security Engineer (Access Control & Identity Access Management), you will design, implement, and maintain access control policies and systems for our cloud-based applications and infrastructure. You will also work closely with other security engineers, developers, and operations teams to ensure that our environment is secure and compliant with industry standards and best practices. You will play a pivotal role in identifying and analyzing cyber threat tactics, techniques, and procedures ensuring proactive detection capabilities to aid the global threat detection and response mission. You will use your expertise in security technologies, access control, threat detection, and incident response methodologies to ensure the confidentiality, integrity, and availability of our critical data and systems.

What you’ll do:

Design and implement access control solutions for cloud-based applications and infrastructure using tools such as Azure AD, M365, Google Workspace, Salesforce, etc.
Monitor and audit access control activities and events for anomalies.
Develop and enforce access control policies and standards based on the principle of least privilege and role-based access control.
Develop and automate security workflows, playbooks, and tools to improve efficiency and effectiveness of security operations.
Develop relevant policies, procedures, and guidelines for access control and ensure compliance with, and support audits for, various standards, including but not limited to ISO270001 and SOC2.
Design and configure Azure Active Directory (AAD) for effective access management to be used within Azure and leveraged in other applications such as Retool and SSMS.
Research and evaluate emerging threats and security technologies and provide recommendations for enhancing our security posture.
Collaborate with other security team members and stakeholders across the organization to share knowledge and best practices.
Work closely with all teams to continuously provide technology requirements and use cases for enabling technologies including but not limited to SIEM, SOAR, Case Management, GRC, EDR, Intrusion Detection Systems, Web Proxy/Content Filtering, Active Directory, and PKI.
Proactively search for, identify, and analyze new and existing techniques to detect advanced and targeted threats.
Participate in risk assessments and implement controls to mitigate identified risks.
Additional duties and responsibilities as necessary.

What you’ll bring to the table:

6+ years of hands-on work experience with security architecture and engineering in a cyber security operations program.
4+ years of experience in an access control security engineering or related role.
Solid knowledge and experience with access control frameworks and tools, such as IAM, RBAC, ABAC, OAuth, SAML, etc.
In-depth knowledge of Azure services, especially Azure Active Directory, Azure AD Identity Protection, and Azure RBAC.
Established experience in designing and implementing access controls in cloud environments, particularly with Azure.
Demonstrated track record of integrating security practices into the software development process.
Track record of integrating security practices into database systems such as SSMS.
Knowledge of cloud security, network security, endpoint security, and threat intelligence.
Proficiency in scripting languages such as Python, PowerShell, Go, or Bash.
Experience securing cloud-based infrastructures; Azure, M365, Google Workspace, Salesforce, etc.
Excellent fundamental knowledge of industry standard frameworks such as MITRE ATT&CK.
Desire to solve response challenges with automation.
Established ability designing and deploying security controls across all security domains such as access management, data protection, vulnerability management, incident response and management, application security, network security, preventive, detective, and offensive security solutions.
Excellent design and solution implementation skills for a Zero Trust Architecture.
Outstanding interpersonal and communication skills with the ability to influence both internally and externally, and to drive multi-functional alignment and action.

Classification: Exempt

Reports to: Manager, Information Technology

Perks & Benefits:

Medical, Dental, Vision & Basic Life Insurance
Paid Maternity/Parental Leave Program
Flexible Time Off Program
Paid Sick Leave and Paid Emergency Leave
Floating Holidays (2 days/year)
Wellness Days (1 day/quarter)
401K Match
Competitive Salary, Performance Bonus
Variety of voluntary benefits, such as, short term disability
Referral Bonus Program
Fun Culture >>> Check us out on Instagram (@lifeatshipbob)

ShipBob believes in transparency while providing a competitive total compensation package with a pay for performance approach. The expected base pay range for this position is $140,941 - $234,902.

We recognize that people come with a wealth of experience and talent beyond just the technical requirements of a job. If your experience is close to what you see listed here, please still consider applying. Diversity of experience and skills combined with passion is a key to innovation and excellence; therefore, we encourage people from all backgrounds to apply to our positions.

About You:

At ShipBob, we’re looking to bring on board people who embody our core values:

Be Mission-Driven. We want team members that are passionate about helping entrepreneurs improve their business, and bring that passion every day.
Be Humble. We have ambitious goals, and our team members understand that success or failure depends on us working together and leaving egos at the door.
Be Resilient. Logistics is a complicated business. So is software. We value team members that never give up and keep iterating until a problem is solved.
Be a Creative Problem Solver. As a startup, we value smart, innovative solutions to complex problems. We fall in love with the problem, not our “favorite” solution.
Be Safety Minded. It’s not just talk; it’s the way you work.

About Us:

ShipBob is a cloud-based logistics platform that partners with thousands of e-commerce businesses to help make their entrepreneurial dreams a reality. We offer a full suite of fulfillment solutions for our merchants, including the ability to improve their transit times, shipping costs and deliver a best in class experience to their customers.

As one of the fastest growing tech companies in Chicago backed by blue-chip investors like Menlo Ventures, Bain Capital Ventures, Hyde Park Venture Partners and SoftBank Vision Fund 2, our goal is to continue to be the best fulfillment technology in the industry.

ShipBob provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Compensation Overview

6 month growth

1 year growth

2 year growth

Benefits