Wish is a mobile e-commerce platform that flips traditional shopping on its head. We connect hundreds of millions of people with the widest selection of delightful, surprising, and—most importantly—affordable products delivered directly to their doors. Each day on Wish, millions of customers in more than 160 countries around the world discover new products. For our over 1 million merchant partners, anyone with a good idea and a mobile phone can instantly tap into a global market.
We're fueled by creating unique products and experiences that give people access to a new type of commerce, where all are welcome. If you’ve been searching for a supportive environment to chase your curiosity and use data to investigate the questions that matter most to you, this is the place.Job Description
The Security team is responsible for the security and integrity of the Wish platform and corporate environment which is paramount to our success. We work to secure and protect Wish’s assets such as customer or payment information, and handle potential data breaches or develop tools in partnership with other technical teams. As a Security engineer working on compliance, you will be providing analysis and guidance to ensure all of our security policies are well defined, auditable, and understood by internal product and engineering teams as well as external auditors.
What you'll be doing:
Help establish security best practices across the company.
Analyze our security posture, identify gaps, and work closely with other teams to ensure strong operational security.
Participate in design and implementation reviews of security and infrastructure projects with an eye to ensuring compliance is embedded in our products from the design stage.
Developing information security procedures, guidelines and documentation
Improving security awareness and training programs
Be able to make quick and concise compliance guidance to cross-functional teams based on solid and relevant knowledge or product certifications background applications.
Working cross functionally to ensure our compliance documentation and evidence is complete and unambiguous.
2+ years of experience working on or with security teams with an emphasis in compliance
Strong knowledge of security topics including network and application security, infrastructure hardening, security baselines, and web server / database security
Excellent technical writing and documentation skills.
Experience working on compliance initiatives such as SOC2, ISO27001, HIPAA, GDPR, PCI, Fedramp and other laws and regulation requirements
Understanding of technical controls and how they relate to compliance requirements
B.S. degree in Computer Science
All your information will be kept confidential according to EEO guidelines.