Senior Cloud Security Engineer

StockX

Other Engineering
United States · Remote
Posted on Friday, February 2, 2024

Help empower our global customers to connect to culture through their passions.

Why you’ll love this role

This hands-on security engineering position will be part of StockX's Information Security Cloud & Application Engineering team. This team is responsible for leading efforts to enhance the security of the cloud infrastructure and applications all across StockX. Members of this team work with several stakeholders to ensure appropriate processes, procedures, and controls are adequately designed and implemented to meet StockX security requirements, mitigate risks, and ensure compliance. They provide ongoing engineering support for security systems in our cloud native environment. This is a critical IC role on the StockX Information Security team and will work with several stakeholders in Product, Engineering, Operations, Customer Service, Safety & Trust, & IT.

What you’ll do

  • Partner with the Platform Engineering and IT teams to design, implement, and manage security measures for our AWS & Azure cloud infrastructure.
  • Collaborate with cross-functional teams to automate and expedite integration of security best practices into the entire development lifecycle, from design to deployment.
  • Use available tooling to assess risks and vulnerabilities and implement strategies to mitigate and remediate identified security risks.
  • Automate enforcement of security policies and related controls for AWS cloud services and data protection.
  • Monitor and respond to security incidents, conduct investigations, and implement incident response procedures as needed with confidentiality and professionalism.
  • Design and implement identity and access management (IAM) solutions for secure access control.
  • Partner with other teams to ensure IAM controls are part of a defense-in-depth strategy.
  • Ensure the continuing operation and effectiveness of key identity and access management controls.
  • Stay abreast of the latest cloud security trends, threats, and vulnerabilities, and implement proactive measures to address emerging risks.
  • Possess knowledge of reliable and low-touch infrastructure using technologies such as Terraform, Kubernetes, and Docker supported by other engineering teams.
  • Provide mentorship and guidance to junior members of the security team.
  • Ability to quickly analyze logs and configurations using Python, jq, cURL, etc.
  • Integrate application security tooling within the existing CI/CD environment to improve application security.

About you

  • 4-7 years of relevant security experience.
  • Bachelor's degree preferred but not required.
  • Cyber security certifications preferred, e.g. CISSP, CISM, Security+, AWS Security
  • Strong experience with cloud native environments and with multiple cloud services providers
  • Experience with scripting across multiple cloud providers and infrastructure APIs to analyze security posture and configurations.
  • Detailed understanding of cloud and network security
  • Experience reading other engineers’ code across a number of languages to identify security issues.
  • Understanding of modern cloud technology components and deployment patterns: containers, Kubernetes, serverless, infrastructure as code, etc.
  • Experience with OAuth/SAML techniques and OIDC
  • Deep understanding of Identity & Access Management security controls and tooling
  • Strong understanding of securing distributed cloud and on-premises networks using security groups, network ACLs, VPNs, and WAFs among other technologies
  • Strong understanding of security monitoring tools for cloud environments such as CSPM, CASB, cloud audit logs such as AWS CloudTrail, etc.
  • Strong understanding of application security tools such as Snyk, SonarCloud, Dependabot or Renovate, GitGuardian, etc.
  • Technical understanding of how threats like Spam, Phishing, DDoS Attacks, Brute Force Attacks, SQL Injections, XSS are executed and how to protect against them across an organization.

Pursuant to the San Francisco Fair Chance Ordinance, Los Angeles Fair Chance Initiative for Hiring Ordinance, and any other state or local hiring regulations, we will consider for employment any qualified applicant, including those with arrest and conviction records, in a manner consistent with the applicable regulation.

Pursuant to the various pay transparency laws/acts, the base salary range is $140,000 to $160,000 plus opportunities for benefits (e.g., medical, dental), equity and discretionary bonuses. Compensation is dependent on geography and may vary.

About Us

StockX is proud to be a Detroit-based technology leader focused on the large and growing online market for sneakers, apparel, accessories, electronics, collectibles, trading cards, and more. StockX's powerful platform connects buyers and sellers of high-demand consumer goods from around the world using dynamic pricing mechanics. This approach affords access and market visibility powered by real-time data that empowers buyers and sellers to determine and transact based on market value. The StockX platform features hundreds of brands across verticals including Jordan Brand, adidas, Nike, Supreme, BAPE, Off-White, Louis Vuitton, Gucci; collectibles from artists including KAWS and Takashi Murakami; and electronics from industry-leading manufacturers Sony, Microsoft, Nvidia, and Apple. Launched in 2016, StockX employs more than 1,000 people across offices and verification centers around the world.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. This job description is intended to convey information essential to understanding the scope of the job and the general nature and level of work performed by job holders within this job. However, this job description is not intended to be an exhaustive list of qualifications, skills, efforts, duties, responsibilities or working conditions associated with the position. StockX reserves the right to amend this job description at any time.