Staff Security Engineer
full-time • Remote
This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Staff Security Engineer in ShipBob.
This role offers an exciting opportunity for a seasoned cybersecurity professional to lead access control and identity management initiatives across cloud-based applications and infrastructure. As a Staff Security Engineer, you will design, implement, and maintain robust access control systems while collaborating with security, development, and operations teams to ensure compliance with industry standards. You will proactively identify and analyze threats, implement preventive measures, and strengthen incident response capabilities. The position provides exposure to cutting-edge cloud platforms, security tools, and automation frameworks, enabling you to have a direct impact on protecting critical data and systems. Remote work from India allows flexibility while contributing to global security operations. You will play a pivotal role in shaping security architecture, policies, and workflows to support scalable, secure, and compliant digital environments.
Accountabilities:
- Design, implement, and maintain access control solutions for cloud applications and infrastructure using Azure AD, M365, Google Workspace, Salesforce, and similar platforms.
- Monitor and audit access control activities to detect anomalies and enforce security policies based on least privilege and role-based access control principles.
- Develop and automate security workflows, playbooks, and tools to enhance security operations efficiency.
- Support compliance and audit initiatives, aligning access control practices with standards such as ISO 27001 and SOC 2.
- Research emerging threats and security technologies, providing recommendations to strengthen the organization’s security posture.
- Collaborate with stakeholders across teams to provide technology requirements for security solutions, including SIEM, SOAR, GRC, EDR, and intrusion detection systems.
- Conduct risk assessments, implement mitigating controls, and continuously improve security operations and incident response capabilities.
- 6+ years of hands-on experience in security architecture and engineering within a cybersecurity operations program.
- 4+ years of experience in access control security engineering or related roles.
- In-depth knowledge of access control frameworks and tools (IAM, RBAC, ABAC, OAuth, SAML).
- Strong expertise in Azure services, particularly Azure Active Directory, Azure AD Identity Protection, and Azure RBAC.
- Proven experience designing and implementing access controls in cloud environments and integrating security into software development and database systems.
- Proficiency in scripting languages such as Python, PowerShell, Go, or Bash.
- Solid understanding of cloud security, network security, endpoint security, and threat intelligence.
- Experience implementing Zero Trust Architecture and deploying security controls across domains such as access management, data protection, vulnerability management, incident response, application security, and network security.
- Excellent interpersonal and communication skills, with the ability to influence stakeholders and drive cross-functional alignment.
- Comprehensive medical, term, and accidental insurance coverage.
- Paid time off: 12 days of all-purpose leave, 15 days of earned leave, and 12 public holidays.
- Generous maternity and paternity leave policies.
- Quarterly wellness day and remote work allowances.
- Opportunity to work in a high-performance, collaborative, and innovative culture.
- Professional growth through exposure to cloud security, access management, automation, and global cybersecurity initiatives.
Requirements:
Benefits: