About iHerb
Your trusted source for health and wellness products
Key Highlights
- Over 30,000 health products available online
- Headquartered in Pasadena, California
- Serves millions of customers globally
- Approximately 1,500 employees dedicated to wellness
iHerb is a leading online retailer of health and wellness products, offering over 30,000 top-rated items including vitamins, supplements, and organic foods. Headquartered in Pasadena, California, iHerb serves millions of customers worldwide and is known for its competitive pricing and customer loyal...
🎁 Benefits
iHerb offers competitive salaries, stock options, flexible work hours, and generous PTO policies. Employees also benefit from discounts on products an...
🌟 Culture
iHerb fosters a customer-centric culture, emphasizing quality and value in health products. The company promotes a healthy work-life balance and encou...
Security Engineer • Lead
iHerb • United States - Remote
Skills & Technologies
Overview
iHerb is seeking a Principal Application Security Engineer to lead security initiatives across their global ecommerce platform. You'll be responsible for establishing security architecture and implementing security tools. This role requires deep technical expertise in application security.
Job Description
Who you are
You have extensive experience in application security, with a strong focus on securing ecommerce services and applications that serve millions of customers globally. As a Principal Application Security Engineer, you are the ultimate subject matter expert, responsible for establishing enterprise-wide security architecture and driving technical mitigations. You possess unparalleled technical depth and strategic foresight, enabling you to respond effectively to current and emerging security threats.
Your background includes leading cross-functional projects and defining strategic directions for security development lifecycle (SDL) practices. You are skilled in conducting security design reviews and sophisticated threat modeling for mission-critical services across various platforms. You have a proven track record of establishing secure architecture standards and frameworks that span application, cloud-native, and infrastructure layers.
You are adept at evaluating, prototyping, implementing, and governing core security tools and services, including DAST, SAST, SCA, WAF, and Secrets Management. Your ability to discover and analyze emerging security threats allows you to proactively implement centralized mitigations, ensuring compliance excellence in a complex environment.
Desirable
Experience with security automation technologies and a strong understanding of compliance requirements in the ecommerce sector would be advantageous. Familiarity with industry standards and frameworks will further enhance your ability to drive security initiatives effectively.
What you'll do
In this role, you will lead the Secure Development Lifecycle assurance processes, ensuring that security is integrated into every phase of product development. You will collaborate with various teams to implement security hardening strategies and respond to security incidents as they arise. Your responsibilities will include conducting regular security assessments and audits, as well as providing guidance on best practices for secure coding and application design.
You will also be responsible for maintaining a strong knowledge of the latest security trends and threats, continuously updating the security posture of iHerb's applications. Your expertise will be crucial in shaping the security culture within the organization, promoting awareness and training among team members.
What we offer
iHerb provides a fully remote work environment, allowing you to work from the comfort of your home while contributing to a global team. We value diversity and encourage applicants from all backgrounds to apply. As a Principal Application Security Engineer, you will have the opportunity to make a significant impact on the security of our ecommerce platform, ensuring the safety of millions of customers worldwide. We offer competitive compensation and benefits, fostering a supportive and inclusive workplace culture.
Interested in this role?
Apply now or save it for later. Get alerts for similar jobs at iHerb.
Similar Jobs You Might Like
Based on your interests and this role
Principal Engineer
HubSpot is seeking a Principal Software Engineer to enhance security for their platform. You'll focus on building secure identity and access solutions while collaborating with cross-functional teams. This role requires extensive engineering experience and a strong background in security practices.
Principal Security Engineer
GoDaddy is seeking a Principal Security Engineer to lead information security initiatives. You'll work on identifying security threats and collaborating with development teams to enhance security processes. This role requires strong technical skills and leadership experience.
Security Engineer
InterSystems is seeking a Principal Security Architect to lead the design and implementation of security across their global infrastructure. You'll work with technologies like Palo Alto and Cisco to secure on-premises and cloud environments. This role requires extensive experience in security architecture and engineering.
Security Engineer
Apple is hiring a Principal Security Software Engineer to tackle complex security challenges across their infrastructure and services. You'll work with AWS, Docker, and Python to design secure architectures. This position requires extensive experience in security engineering.