Staff Infrastructure Security Engineer (remote)

Poshmark is the largest community marketplace for fashion where anyone can buy, sell, and share their personal style. With millions of shoppers and seller stylists, Poshmark brings together a vibrant community every day to express themselves and share their love of fashion.

Security team at Poshmark is responsible for securing our application platform, cloud infrastructure, and IT systems to protect Poshmark and its 80 million Community members

This is the founding member of Infrastructure/Cloud security. As a founding member you will be reporting to the head of security and get to design and implement cloud/Infrastructure security from scratch. You will work with other security and infrastructure teams to design secure access, networks and defense in depth and identify security issues, vulnerabilities, misconfigurations across OS, Infra and cloud. You will work very closely with security operations/incident response teams to provide technical leadership. You will also mentor other junior infrastructure security professionals

Responsibilities

• Develop and document the policies, security reference architectures, design patterns, roadmap
• Design and develop Secure access and networks to production environments
• Provide technical leadership and work with corp IT to implement security on the corp environment
• Implement defense in depth, network segmentation to minimize impacts
• Design and re-architect AWS infra to achieve network segmentation, deep packet inspection, firewalls, VPNs, VPCs etc
• Provide technical leadership and infuse security in the designs across AWS cloud, SAAS applications, IT And others
• Identify tools and technologies to scan networks, OS and other infra to find vulnerabilities and work with SRE to remediate them
• Provide technical leadership to Security operations
• Represent Infrasecurity in PCI, SOX and other audits
• Keeping up to date with latest network and infrastructure security trends and best practices
• Partner with other engineers and architects to make sure the proposed designs meet both business and security requirements
• Collaborate with other stakeholders across the organization to integrate and keep up to date on the latest infrastructure designs
• Review corporate IT network and security controls to come up with improvements regularly

6-Month Accomplishments

• Complete understanding of business, security, operations and processes
• Baseline existing IT(corporate) AWS security(core platform) infrastructure, Understand different services and document the current designs, perform risk assessments
• Propose designs to improve core AWS infrastructure to do network segmentation
• Propose designs to streamline traffic management and ability to install deep packet inspection tools
• Start implementing MFA on Bastion hosts using Okta plugin
• Start implementing Cloud proxy like Zscalar to protect internal applications
• Work with Engineering/DevOps/SRE to get consensus on the proposed designs 
• Create a high level road map to implement the recommendations and get consensus on the timeline
• Create road map for IT infra security by working with security, IT and SRE stakeholders

12+ Month Accomplishments

• Integrate Infra security into appropriate change management processes
• Have completed at least few major projects, network segmentation, Zscalar implementation,
  MFA for bastion hosts using Okta.
• Streamlined outbound communication and integrating deep packet inspections tools like dark trace

Requirements

• 9+ Years of experience across Software engineering, network security and AWS Security
• Proven track record as an experienced Infrastructure Security designing and implementing secure Cloud, networks and corp IT infrastructure
• Experience working at a SAAS product company
• Experience leading infrastructure security teams or security focussed SRE teams
• Robust understanding of Network designs and protocols, it is good to have CCNA and other network certifications
• Ability to multi task and run multiple projects
• Being comfortable with working off times (security incidents cannot be planned)
• Ability to make process under ambiguous situations without clarity
• First hand experience with major cloud providers, specifically AWS
• Experience in large scale systems and N tier architectures

Why Poshmark?

Poshmark is a leading social marketplace for new and secondhand style for women, men, kids, home, and more. By combining the human connection of physical shopping with the scale, ease, and selection benefits of ecommerce, Poshmark makes buying and selling simple, social, and fun. Its community of more than 70 million registered users across the U.S. and Canada is driving the future of commerce while promoting more sustainable consumption. For more information, please visit www.poshmark.com, and for company news and announcements, please visit investors.poshmark.com. You can also find Poshmark on Instagram, Facebook, Twitter, Pinterest, and YouTube.

About Us:

At Poshmark, we’re constantly challenging the status quo and are looking for innovative and passionate people to help shape the future of Poshmark. We’re disrupting the industry by combining social connections with e-commerce through data-driven solutions and the latest technology to optimize our platform. We’re nothing without our amazing team who deliver an unparalleled social shopping experience to the millions of people we connect each day.

We built Poshmark around four core values: 1) focus on people to create empowered communities that drive success; 2) together we grow to support each other to strive for our dreams; 3) lead with love to foster genuine connections built upon a foundation of respect; and 4) embrace your weirdness to accept and empower one another on their own unique journey. We’re invested in our team and community, working together to build an entirely new way to shop. That way, when we win, we all win together. Come help us build the most connected shopping experience ever.

Here’s what we’ll set you up with:

• A team that is invested in your career growth and training
• Competitive salary and equity, based on experience
• Company sponsors up to 100% cost for your health, dental and vision plans and up to 90% for your dependents
• Work alongside world-class talent
• Flexible vacation / paid time off policy
• Parental leave
• Personal style encouraged (or not, whatever you’re in to)

Poshmark is an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.