Senior Security Engineer (DevSecOps) en SHEIN

About SHEIN 

SHEIN is a global online fashion and lifestyle retailer, offering SHEIN branded apparel and products from a global network of vendors, all at affordable prices. Headquartered in Singapore, with more than 15,000 employees operating from offices around the world, SHEIN is committed to making the beauty of fashion accessible to all, promoting its industry-leading, on-demand production methodology, for a smarter, future-ready industry. 

Position Summary

SHEIN’s Global Security and Risk Management (GSRM) oversees security infrastructure, risk management, data privacy, business fraud, governance, and regulatory compliance across our global footprint. Our mission: to engineer the future of security—where cutting-edge automation, AI-driven innovation, and global impact converge to protect our most critical digital assets. The challenge is securing a massive, multi-cloud environment: ephemeral compute at scale, protection of proprietary data, across all aspects of the security operating framework — while moving at startup speed.

Is your impact diluted by lack of direction or endless approvals? What if you could architect and code a company’s security nervous system from security first principles—then watch it defend real production traffic at global scale?

We're seeking an experienced and motivated Senior Security Engineer (DevSecOps) (Official title: Senior Security Engineer I) for our Los Angeles-based corporate office, who will be a hybrid software engineer and security expert who enjoys ownership, autonomy, and real-world challenges to solve.

Job Responsibilities

• Engineer security solutions for Kubernetes (EKS/AKS/GKE), Lambda, and compute workload with strong identity boundaries, admission controls, and runtime protections.
• Design and implement scalable multi-cloud native defenses across AWS, Azure, and GCP, including VPC/VNet topologies, micro-segmentation, and WAF/CDN.
• Collaborate with security operations, change management, threat hunting, vulnerability management, and incident response to convert operational signals into engineered controls and continuous improvements.
• Build automated detection and response for workloads; turn threat intelligence into code driving IDS/IPS, NDR/NTA, Suricata/Zeek, SIEM, and workflow automation to close loops.
• Lead IAM/PAM/SSO/MFA foundations; advocate and enforce least privilege and risk-based authentication across global operations.
• Understand and troubleshoot end-to-end user connectivity to cloud and enterprise systems and services.
• Provide security guidance, expertise to cross-functional teams, technical leadership and mentorship to junior security engineers.
• Prepare and maintain security documentation, including architecture diagrams, configurations, and incident reports.

   

•  Work closely with global teams, bridging cultural and geographical differences to ensure cohesive and effective collaboration.

   

Job Requirements

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field preferred; Master's is a plus.
• A minimum of 3 years of engineering experience in cloud and/or enterprise networks specific to security, ideally in high-transaction environments such as e-commerce.
• Proficiency in scripting and automation with one or more languages: Python, Go, Java or similar for tool development and automation.
• Battle-tested expertise with at least one major cloud (AWS, Azure, or Google Cloud); strong understanding of cloud security principles and secure configuration.
• Hands-on experience with IaC (Terraform, Pulumi) and CI/CD (GitLab CI/CD) a plus.
• Compute experience with Kubernetes (EKS/AKS/GKE), serverless (Lambda), and container orchestration (Fargate) a plus.
• Solid understanding of network security protocols, cryptography, SSL/TLS, and VPNs; experience with SIEM, IDS/IPS, DLP, WAF, firewalls, and NAC a plus
• In-depth knowledge of identity and access management, including authentication, authorization, SSO, MFA, IAM, and PAM a plus.
• Proven experience leading security projects and initiatives in large, complex organizations.
• Experienced in fast-paced, high-growth production environments; able to support on-call and escalations; able to translate technical requirements into business impact and action.
• Mandarin speaking is a plus.

Benefits and Perks 

• Bonus and RSU eligible
• Healthcare (medical, dental, vision, prescription drugs) 
• Health Savings Account with Employer Funding 
• Flexible Spending Accounts (Healthcare and Dependent care) 
• Company-Paid Basic Life/AD&D insurance 
• Company-Paid Short-Term and Long-Term Disability 
• Voluntary Benefit Offerings (Voluntary Life/AD&D, Hospital Indemnity, Critical Illness, and Accident) 
• Employee Assistance Program 
• Business Travel Accident Insurance 
• 401(k) Savings Plan with discretionary company match and access to a financial advisor  
• Vacation, paid holidays, floating holiday and sick days   
• Employee discounts 
• Free weekly catered lunch 
• Dog-friendly office (available at select locations) 
• Free gym access (available at select locations) 
• Free swag giveaways 
• Annual Holiday Party 
• Invitations to pop-ups and other company events 
• Complimentary daily office snacks and beverages

#LI-CR1