ShipBob
501-1000 employees
Logistics and Supply Chain
E-commerce
Warehousing
Technology
About ShipBob
ShipBob is a technology-enabled third-party logistics (3PL) company that provides fulfillment services for direct-to-consumer brands. Founded in 2014, ShipBob offers an end-to-end fulfillment solution including warehousing, inventory management, order processing, and shipping, powered by its proprietary software platform. The company aims to help e-commerce businesses scale by simplifying logistics and providing fast, affordable shipping options. ShipBob operates multiple fulfillment centers across the United States and internationally, serving thousands of merchants and supporting their growth in competitive markets.
📋
Description
- As a Staff Security Engineer (Access Control & Identity Access Management), you will design, implement, and maintain access control policies and systems for our cloud-based applications and infrastructure.
- You will work closely with security engineers, developers, and operations teams to ensure security and compliance with industry standards.
- Your role includes identifying and analyzing cyber threats, using your expertise in security technologies, access control, threat detection, and incident response to protect critical data and systems.
- Responsibilities include designing access control solutions with tools like Azure AD, monitoring activities for anomalies, developing policies based on least privilege and RBAC, automating security workflows, supporting audits for standards such as ISO270001 and SOC2, configuring Azure Active Directory, researching emerging threats, collaborating with stakeholders, enabling technologies like SIEM, SOAR, and PKI, analyzing threats, participating in risk assessments, and additional duties as needed.
- The role reports to the VP, Information Tech & Security.
- The environment is remote in India, emphasizing a high-performance culture focused on continuous learning, collaboration, and results.
🎯
Requirements
- 6+ years of hands-on work experience with security architecture and engineering in a cyber security operations program.
- 4+ years of experience in an access control security engineering or related role.
- Sound knowledge and experience with access control frameworks and tools, such as IAM, RBAC, ABAC, OAuth, SAML, etc.
- In-depth knowledge of Azure services, especially Azure Active Directory, Azure AD Identity Protection, and Azure RBAC.
- Experience designing and implementing access controls in cloud environments, particularly with Azure.
- Experience integrating security practices into the software development process.
- Experience integrating security practices into database systems such as SSMS.
- Excellent knowledge of cloud security, network security, endpoint security, and threat intelligence.
- Proficiency in scripting languages such as Python, PowerShell, Go, or Bash.
- Experience securing cloud-based infrastructures including Azure, M365, Google Workspace, Salesforce.
- Knowledge of industry standard frameworks such as MITRE ATT&CK.
- Interest in automating response challenges.
- Ability to design and deploy security controls across access management, data protection, vulnerability management, incident response, application security, network security, and offensive security solutions.
- Strong skills in designing and implementing Zero Trust Architecture.
- Excellent interpersonal and communication skills, with the ability to influence and align across teams.
🏖️
Benefits
- Medical, Term & Accidental Insurance
- All Purpose Leave (casual & sick time): 12 days
- Earned Leave: 15 days
- Public Holiday: 12 days
- Generous Maternity & Paternity Leave
- Quarterly Wellness Day
- Work From Home Allowance