About iHerb
Your trusted source for health and wellness products
Key Highlights
- Over 30,000 health products available online
- Headquartered in Pasadena, California
- Serves millions of customers globally
- Approximately 1,500 employees dedicated to wellness
iHerb is a leading online retailer of health and wellness products, offering over 30,000 top-rated items including vitamins, supplements, and organic foods. Headquartered in Pasadena, California, iHerb serves millions of customers worldwide and is known for its competitive pricing and customer loyal...
🎁 Benefits
iHerb offers competitive salaries, stock options, flexible work hours, and generous PTO policies. Employees also benefit from discounts on products an...
🌟 Culture
iHerb fosters a customer-centric culture, emphasizing quality and value in health products. The company promotes a healthy work-life balance and encou...
Security Engineer • Lead
iHerb • United States - Remote
Skills & Technologies
Overview
iHerb is seeking an Application Security Lead to oversee the Secure Development Lifecycle and implement security strategies across their ecommerce platform. You'll work with tools like OWASP and Burp Suite to mitigate security threats. This role requires extensive experience in application security and architecture.
Job Description
Who you are
You have a strong background in application security with at least 5 years of experience leading security initiatives in a complex environment — you've developed and implemented security frameworks that protect critical applications and services. Your expertise in secure development practices allows you to guide teams in integrating security into their workflows effectively. You are well-versed in security tools and methodologies, including DAST, SAST, and Secrets Management, and you understand the nuances of cloud-native security. You possess excellent communication skills, enabling you to collaborate with cross-functional teams and convey complex security concepts to non-technical stakeholders. You are proactive in identifying emerging security threats and have a strategic mindset to address them before they impact the organization.
Desirable
Experience with compliance standards such as PCI-DSS or ISO 27001 would be a plus, as would familiarity with security automation technologies. You have a passion for mentoring and developing junior security professionals, fostering a culture of security awareness within the organization.
What you'll do
In this role, you will lead the Secure Development Lifecycle assurance processes, ensuring that security is embedded in every phase of application development. You will conduct security design reviews and sophisticated threat modeling for both new and existing services, identifying potential vulnerabilities and recommending mitigations. Your responsibilities will include establishing secure architecture standards and frameworks that span application, cloud-native, and infrastructure layers. You will evaluate and implement core security tools and services, providing governance and oversight to ensure they are used effectively across the organization. Additionally, you will stay ahead of current and emerging security threats, analyzing their applicability to iHerb and implementing centralized mitigations to protect the organization. You will also collaborate with various teams to drive security initiatives and ensure compliance excellence in a fast-paced environment.
What we offer
iHerb offers a fully remote work environment, allowing you to work from anywhere in the United States. We provide competitive compensation and benefits, including health insurance, retirement plans, and opportunities for professional development. You will be part of a diverse and inclusive team that values collaboration and innovation, working together to secure our ecommerce platform for millions of customers worldwide. Join us in making a significant impact in the world of online shopping while advancing your career in application security.
Interested in this role?
Apply now or save it for later. Get alerts for similar jobs at iHerb.
Similar Jobs You Might Like
Based on your interests and this role
Application Security Lead
Wayve is hiring an Application Security Lead to define and lead their application security program. You'll be responsible for building security measures to protect their advanced AI technology. This role requires strong leadership and expertise in application security.
Security Engineer
Thumbtack is hiring a Staff Application Security Engineer to enhance security measures while enabling innovation. You'll collaborate with various teams to shape system design and guide architectural decisions. This role requires expertise in security practices and a strong understanding of application security.
Security Engineer
iHerb is seeking a Principal Application Security Engineer to lead security initiatives across their global ecommerce platform. You'll be responsible for establishing security architecture and implementing security tools. This role requires deep technical expertise in application security.
Application Security Engineer
Bugcrowd is hiring an Application Security Engineer to manage security vulnerability submissions for major bug bounty programs. You'll work with cutting-edge security testing methodologies and collaborate with elite hackers. This role requires expertise in various security vulnerabilities.
Security Engineer
Coupa Software is seeking a Lead Application Security Engineer to enhance their SaaS platform's security. You'll drive security architecture and develop application security tooling, leveraging skills in AWS and Java. This role requires expertise in security engineering and familiarity with AI and ML systems.