Job Title: Senior Security Engineer I
Reports to: Manager, Security Engineering
Job Location: Los Angeles, CA
Job Status: Exempt
About SHEIN
SHEIN is a global online fashion and lifestyle retailer, offering SHEIN branded apparel and products from global network of vendors, all at affordable prices. Headquartered in Singapore, SHEIN remains committed to making the beauty of fashion accessible to all, promoting its industry-leading, on demand production methodology, for a smarter, future-ready industry. Founded in 2012, SHEIN has more than 16,000 employees operating from offices around the world, and continues to expand operations globally. Join SHEIN and be the future!
Position Summary
SHEIN Global Security and Risk Management (GSRM) is a global security organization that oversees security infrastructure, risk management, data privacy, business fraud, governance, and regulatory compliance across SHEIN’s global footprint. It is composed of a team of security professionals, innovators and thought leaders that have had decades of global security experience, led large scale transformations, and served in Fortune 500 executive roles.
We are seeking a highly experienced and seasoned Senior Security Engineer (Network & Cloud) (Official Title: Senior Security Engineer I) for our Los Angeles-based corporate office, whose focus will be on Enterprise and Cloud security. This Senior Security Engineer within GSRM is responsible for leading the design, implementation and execution of platform, policy, playbook and protocol development for security controls especially related with network and cloud security. There will be a close relationship with the security operations (SOC) teams supporting, data ingest, incident response and vulnerability mitigation, and with IT and infrastructure teams as well. This Engineering expert will ensure all production security controls and technologies are evaluated, enabled, monitored and built with efficacy and effectiveness to meet or exceed industry guidelines. Engineering members will contribute toward baselining established polices and SLAs, across all aspects of the security operating framework and making recommendations for constant improvement, while keeping the business and customer experience in mind.
This Security Engineer should have a deep technical understanding of network, cloud, host and network security practices, as well as all incident response protocols and practices. Must be
familiar with security industry standards and best practices, and must be able to effectively work with development, application and operational counterparts, across a broad deeply technical environment in all security areas common within an e-commerce and technology industry. This Security Engineer will also assist their leadership with ensuring all security tools and technologies are properly supported, implemented and sufficiently met the needs for which they are deployed to protect SHEIN confidential and proprietary data.
Job Responsibilities
- Design and implement secure cloud & enterprise networking architectures, including firewalls, VPCs, VPNs, NAC, SSO, DLP, DPI etc.
- Understand and be able to troubleshoot end-to-end user connectivity to cloud-based & Enterprise infrastructure systems and services.
- Develop and enforce network and cloud security policies, ensuring best practices in areas such as firewalls, intrusion detection/prevention systems (IDS/IPS), and secure access controls.
- Conduct regular security assessments, penetration tests, and vulnerability scans of network and cloud environments, identifying and mitigating risks.
- Design and implement network segmentation strategies to minimize security risks and ensure compliance with industry standards and regulations.
- Collaborate with the security operations, change management, threat hunting, vulnerability management and incident response functions and participate in any day-to-day cross functional relationships to fulfill business needs.
- When needed liaise with external agencies, such as law enforcement, standards and technology organization, advisory bodies and industry and peer working groups as necessary, to ensure that the organization maintains a strong security posture and technical congruency.
- Advocate and enforce principles of least privilege and zero trust across global operations, ensuring identity verification, risk-based authentication, and layered defense mechanisms.
- Participate in creating and updating new strategy, project plans and policy documents based on security and data protection requests that map to SHEIN's business requirements
- Collaborate with DevOps and development teams to integrate security into the CI/CD pipeline.
- Provide security guidance, expertise to cross-functional teams, technical leadership and mentorship to junior security engineers.
- Prepare and maintain security documentation, including architecture diagrams, configurations, and incident reports.
- Work closely with global teams, bridging cultural and geographical differences to ensure cohesive and effective collaboration.
Job Requirements
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field is preferred. A Master's degree is a plus.
- A minimum of 3 years of engineering experience in enterprise and cloud networks specific to security, in an industry with high transaction volumes such as e-commerce is preferred.
- Ability to translate cyber security threats from a technical perspective to business-line understanding and execution
- Relevant certifications (e.g., CISSP, CCSP, AWS Certified Security Specialty, Azure Security Engineer) are highly preferred.
- Proficiency in scripting, automation, along with one of the following languages: Python, PowerShell, Golang, Java is highly preferred.
- Solid understanding of network security protocols, cryptography, SSL/TLS, and VPNs a plus.
- Experience with WAF, Akamai, Cloudflare, Suricata/Zeek, CDN and/or associated technologies a plus.
- Experience with security tools and technologies (e.g., SIEM, IDS/IPS, DLP, WAF, Firewall, NAC).
- Strong understanding of Cloud security principles and experience with Cloud platforms such as AWS, Azure, or Google Cloud.
- Proven experience in leading Cloud and/or Network Security projects and initiatives in large, complex organizations.
- In-depth knowledge of Cloud technologies, including authentication, authorization, SSO, MFA, and identity and access management (IAM), encryption, and secure configuration of cloud services.
- Experienced working in a fast-paced, high-growth environment. Must be able to support on-call, escalation and fast tempo production environments.
- Must be able to support on-call, escalation and high-paced/ fast tempo production environments.
Pay
$118,500.00 min. - $202,000.00 max annually. Bonus & RSU offered.
Benefits and Perks
- Healthcare (medical, dental, vision, prescription drugs)
- Health Savings Account with Employer Funding
- Flexible Spending Accounts (Healthcare and Dependent care)
- Company-Paid Basic Life/AD&D insurance
- Company-Paid Short-Term and Long-Term Disability
- Voluntary Benefit Offerings (Voluntary Life/AD&D, Hospital Indemnity, Critical Illness, and Accident)
- Employee Assistance Program
- Business Travel Accident Insurance
- 401(k) Savings Plan with discretionary company match and access to a financial advisor
- Vacation, paid holidays, floating holiday and sick days
- Employee discounts
- Free weekly catered lunch
- Dog-friendly office (available at select locations)
- Free gym access (available at select locations)
- Free swag giveaways
- Annual Holiday Party
- Invitations to pop-ups and other company events
- Complimentary daily office snacks and beverages
SHEIN Technology LLC is an equal opportunity employer committed to a diverse workplace environment.
