As a member of the Ship Bob Team, you will...

• Grow with an Ownership Mindset: We champion continuous learning and proactive innovation. Team members are encouraged to identify challenges and take ownership of initiatives that drive merchant, company and personal growth. By tackling complex problems and exploring creative solutions, you won’t just follow a playbook, you’ll be actively building the future of Ship Bob.

• Collaborate with Peers and Leaders Alike: Ship Bob values collaboration and support, where team members and leaders alike are committed to helping each other succeed. We all sethigh standards and understand the importance oftransparency at all levels. We’ve created an environment where trust, open communication, and mutual respect motivate our teams to reach new heights.

• Experience a High-Performance Culture and Clear Purpose: Our commitment to delivering results creates a goal-driven, high-performance culture where everyone is empowered to contribute to our mission with a clear understanding of their direct impact and accountability. We measure success in tangible ways, allowing each team member to see the positive outcomes of their work and celebrate shared victories.

Location: Remote

• India

Shift Timings: US Hours 7 pm- 4 am IST

Role Description:

As a Security Engineer II you will play a pivotal role in Ship Bob’s security, governance, risk, and compliance programs. You will design, implement, and maintain access control and threat detection solutions, participate in risk assessments and audits, and collaborate across teams to ensure the confidentiality, integrity, and availability of our critical data and systems. You will also support compliance initiatives, manage third-party risk, and contribute to the continuous improvement of our security posture.

This role reports to Vice President, Information Tech & Security.

What you’ll do:

• Design, implement, and maintain threat detection, response, and access control solutions for cloud-native environments and applications (e.g., Azure AD, M365, Google Workspace, Salesforce).

• Develop and automate security workflows, playbooks, and tools to improve the efficiency and effectiveness of security operations.

• Develop, enforce, and update security policies, procedures, and guidelines for access control, threat detection, and compliance with standards such as ISO 27001, SOC 2, PCI, NIST CSF, and Sarbanes-Oxley.

• Participate in and oversee risk assessments, compliance reviews, and audits (internal and external), including evidence collection and control implementation.

• Maintain and monitor control effectiveness and operations in GRC platforms (e.g., Vanta).

• Communicate concerns and risks to stakeholders, document remediation plans, and proactively share information with management.

• Conduct third-party risk reviews for SaaS tools, service providers, AI tools, and open-source software; manage the third-party audit pipeline and vendor responses.

• Build and execute regular threat hunting campaigns focused on current, emerging, and obscure tactics, techniques, and procedures.

• Proactively search for, identify, and analyze new and existing techniques to detect advanced and targeted threats.

• Utilize advanced threat hunting techniques to detect anomalies and suspicious activities.

• Guide the incident response process, from triage to closure, providing support and coordination across multiple teams.

• Collaborate with security team members, developers, operations, and stakeholders to share knowledge and best practices.

• Participate in security awareness initiatives (e.g., newsletters, phishing simulations, training sessions).

• Respond to customer questionnaires about Ship Bob’s security program and maintain the knowledge base.

• Identify process improvements and provide actionable guidance.

• Perform other duties as assigned.

What you’ll bring to the table:

• 4+ years of hands-on work experience with security architecture and engineering in a cybersecurity operations program.

• 2+ years of experience in incident response, detection, threat intelligence, or access control security engineering roles.

• 1+ years’ security experience focused on risk and compliance, including ISO 27001 and SOC 2 audits.

• Strong knowledge and experience with access control frameworks and tools (IAM, RBAC, ABAC, OAuth, SAML), cloud security, network security, endpoint security, and threat intelligence.

• In-depth knowledge of Azure services (especially Azure Active Directory, Azure AD Identity Protection, Azure RBAC), and experience securing cloud-based infrastructures (Azure, M365, Google Workspace, Salesforce).

• Proficiency in scripting languages such as Python, PowerShell, Go, or Bash.

• Excellent knowledge of industry-standard frameworks (MITRE ATT&CK, ISO 27001, SOC 2, NIST CSF, PCI, SOX, GDPR).

• Experience with GRC tools and standard practices.

• Proven ability to manage multiple risk and compliance projects.

• Strong written and verbal communication; effective collaborator with outstanding interpersonal skills.

• Excellent analytical and problem-solving skills supporting business objectives.

• Detail-oriented, organized, and able to balance precision with big-picture thinking.

• Quick learner who proactively drives personal and professional growth.

• Demonstrated initiative and ownership in problem-solving.

• Strong design and solution implementation skills for a Zero Trust Architecture.

• Desire to solve response challenges with automation.

• Security+, CISSP, CISA, CISM, CRISC, GCIA, GCIH, GREM, or similar certifications preferred; equivalent experience accepted.

Perks & Benefits:

• Medical, Term & Accidental Insurance

• All Purpose Leave (casual & sick time): 12 days

• Earned Leave: 15 days

• Public Holiday: 12 days

• Generous Maternity & Paternity Leave

• Quarterly Wellness Day

• Work From Home Allowance

• See Our High-Performing Culture >>> Check us out on Instagram (@lifeatshipbob)

We recognize that people come with a wealth of experience and talent beyond just the technical requirements of a job. If your experience is close to what you see listed here, please still consider applying. Diversity of experience and skills combined with passion is a key to innovation and excellence; therefore, we encourage people from all backgrounds to apply to our positions.

About You:

The work we do at Ship Bob is both challenging and rigorous, which means our environment isn’t the right fit for everyone, and that’s okay. We welcome energetic high performers who thrive in a dynamic, collaborative, results-driven environment. We value individuals who embrace accountability and humility, push boundaries, and are motivated by challenging work. Every team member, no matter their role or tenure, is expected to roll up their sleeves and tackle the complex problems we face in today’s global supply chain.

Learn more about our core values and how we perform at a high level in our day-to-day work on our Culture page (https://www.shipbob.com/careers/culture/).

About Us:

Ship Bob is a leading global supply chain and fulfillment technology platform designed for SMB and Mid-Market ecommerce merchants to provide them access to best-in-class capabilities and to deliver a delightful shopper experience. Merchants can outsource their entire fulfillment operations, utilize Ship Bob’s proprietary warehouse management system for in-house fulfillment, or take advantage of a hybrid solution across Ship Bob’s dozens of fulfillment center network in the United States, Canada, United Kingdom, Europe, and Australia. Ship Bob is backed by leading investors like Menlo Ventures, Bain Capital Ventures, Hyde Park Venture Partners, and Soft Bank Vision Fund 2, and is one of the fastest-growing tech companies headquartered in Chicago.

*Ship Bob provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. *

*There is no deadline to apply for this position, as Ship Bob accepts applications on an ongoing basis. *