IT Security Engineer
Company Description
Wish is a mobile e-commerce platform that flips traditional shopping on its head. We connect hundreds of millions of people with the widest selection of delightful, surprising, and—most importantly—affordable products delivered directly to their doors. Each day on Wish, millions of customers in more than 160 countries around the world discover new products. For our over 1 million merchant partners, anyone with a good idea and a mobile phone can instantly tap into a global market.
We're fueled by creating unique products and experiences that give people access to a new type of commerce, where all are welcome. If you’ve been searching for a supportive environment to chase your curiosity and use data to investigate the questions that matter most to you, this is the place.
Job Description
As a member of our IT Security Operations team, you will be responsible for planning, designing, and implementing security measures to monitor and protect sensitive data and systems. In fulfilling this role, you will help Wish confront the security and compliance challenges that face a successful, growing eCommerce business.
For the successful candidate, this role offers an opportunity to grow and develop your skills alongside top class talent. Wish is a dynamic and fast-paced environment which encourages innovation, creativity, and the adoption of novel technologies and processes.
What you’ll be doing:
Advise and implement continuous security improvements
Monitor for and investigate security incidents
Manage and improve SIEM solution
Respond to and investigate Endpoint Security events
Automate security orchestration and response
Provide security review/oversight for IT operational standards, procedures, controls, and policies
Provide recommendations for hardening of system configuration
Coordinate our Vulnerability Management Program, working closely with other teams to assess, track, and remediate vulnerabilities
Participate in operational incident handling
Participate in tabletop exercises
Perform risk assessments
Participate in vendor engagements to provide security oversight, ensure solutions meet security requirements, and implementations meet Wish security standards
#LI-JG1
Qualifications
Who you are:
2+ years experience in a Security Engineer or equivalent role
Strong knowledge of enterprise security and network devices, particularly Palo Alto Networks firewalls and Cisco switches
Deep knowledge of mainstream operating systems (Ubuntu, MacOS, Windows)
Excellent communication skills and an analytical approach to solving complex problems.
Experience working within and to compliance standards (e.g PCI, ISO 27001, SOX)
Knowledge of best practices securing cloud environments, particularly Azure and AWS
Experience with vulnerability management products, e.g. Tenable, Rapid7
Familiarity with/experience implementing the CIS Top 20 Organizational controls
Excellent and clear communications skills
BSc or equivalent experience/qualifications
CISSP preferred
Additional Information
Wish values diversity and is committed to creating an inclusive work environment. We provide equal employment opportunity for all applicants and employees. We do not discriminate based on any legally-protected class or characteristic. Employment decisions are made based on qualifications, merit, and business needs. If you need assistance or accommodation due to a disability, please let your recruiter know. For job positions in San Francisco, CA, and other locations where required, we will consider for employment qualified applicants with arrest and conviction records.
Individuals applying for positions at Wish, including California residents, can see our privacy policy here.