Security Engineer II
United States
Who we are: We are a brilliant team making our history to evolve the commerce industry. fabric is the next-generation commerce platform that is designed to provide the commerce services customers expect so they can build world-class experiences, anywhere.
fabric is on a mission to revolutionize commerce for everyone, and we empower businesses that are striving to deliver commerce that drives conversion and customer outcomes. Leading retailers, including Chico’s, Brooklinen, and Ashley’s Furniture, trust fabric to run their modern commerce business. Headquartered in San Francisco, fabric was founded in 2017 by a group of industry veterans determined to bring the same technical principles found at Amazon to retail.
No matter what field you are in, fabric has exciting opportunities for people passionate about making a difference and skilled at what they do!
Here are four questions you should ask yourself: - Do I believe in fabric's mission? - Am I eager to build cool things? - Am I excited to collaborate with brilliant people? - Am I motivated to disrupt e-commerce?
If the answer is yes, we want to talk to you!
Where we hire: United States (California, Washington, New York, Texas, Massachusetts)
Your next career:Your next career move should be bold and we have the experience you are seeking. We build and ship products & solutions that enable merchants to compete and deliver a world-class differentiated shopping experience online.
The successful candidate will have prior experience in application security in the retail/ecommerce industry and is a hands-on technologist. This person is comfortable with multiple priorities in a fast-paced environment and is responsible for the ownership of key projects within the security space. You will also be responsible for driving for secure code design and integration of our software stack to keep our customers’ data safe while focusing on mitigating attack risks, securing cloud transformation, and fostering a culture of security and reliability within the company.
Your responsibilities:- Ability to work independently and as part of a team.- Experience in threat modeling methodologies (e.g. STRIDE, DREAD) and tools to develop and maintain threat models that reflect the organization's security posture.- Experience working with developers to communicate deficiencies and implement security measures.- Design, deploy, and maintain centralized security tools, technologies, and controls to monitor and protect our infrastructure and applications.- Help build and maintain runbooks and document policies and procedures.- Develop and maintain security metrics to track progress toward security goals.- Maintain essential skills in modern technology. Use automation wherever possible.- Conduct security reviews for new and existing software systems, integrations, and operational processes, which includes security testing and vulnerability scanning.- Review and enhance access controls, authentication mechanisms, and data encryption methods.- Collaborate with IT, development, and operations teams to integrate security best practices into our systems and software development lifecycle.- Build and manage services, tools, and integrations that will automate security controls within CI/CD pipelines.- Assess, identify, and monitor security risks, vulnerabilities, and threats, and develop effective mitigation strategies with engineering stakeholders to ensure timely remediations.- Educate and train employees on security awareness and best practices.- Assist systems integration with fabric customers to ensure security best practices- Provide guidance and mentorship to junior team members.- Participate in security detection, incident response, and post-response activities.- Stay up-to-date with industry trends, emerging threats, and security standards to adapt and improve our security posture.- Support and drive compliance programs with relevant regulations and industry standards (e.g., PCI DSS, SOC2, NIST).
What you bring to the table: - 5+ years of prior experience in security engineering/applications security- 2+ years of experience with AWS- Experience with scripting languages such as Python or JavaScript.- Experience working with OWASP and NIST security standards and frameworks. - Experience within DevSecOps, CI/CD processes, SDLC, and related tools such as Jira, Jenkins, Artifactory, Bitbucket, GitHub, GitLab, etc.- Ability to establish and report metrics and KPIs to the executive leadership team to measure the effectiveness of Security Engineering
Preferred Skills:- Previous experience as a DevOps/DevSecOps Engineer supporting applications and platforms running in private or public cloud (such as Rancher, Anthos, AWS, GCP, VMWare).- Experience with SIEM tools. Prefer experience with tools such as Splunk or Datadog.- Proven experience in information security, with a focus on ecommerce or web applications.- Strong knowledge of security architectures, cloud deployment paradigms, and common security principles.- Excellent written and verbal communication skills.- Hands-on knowledge of AWS security tools e.g., AWS WAF, AWS Cloudtrail, AWS Guard Duty, AWS Security Hub. Prefer AWS Security Speciality certification.- Experience securing the software supply chain including implementing appropriate controls across the SDLC and managing change along the way.- Experience with code review, SAST, DAST, SCA, container security, IaC scanning- Experience with containers, enterprise container orchestration, and related tools such as Docker, Rancher, Kubernetes, and public cloud container services.- Experience working across teams to drive the adoption of security best practices- Understanding of security automation within DevOps and CI/CD processes including vulnerability identification and management.- Experience integrating security solutions into CI/CD workflows and toolsets.
The salary range for this role is $120k to $160k USDWhat we bring to the table:- Competitive compensation packages- PTO and Holiday plans- Benefits packages which include Medical, Dental, Life, and Vision- Wellness & Technology Programs - 401k Program - Fast-paced, fun and collaborative environment - A team invested in you both personally and professionally
*fabric is an equal opportunity employer as well as a government contractor that shall abide by the requirements of 41 CFR 60-300.5(a), which prohibits discrimination against qualified protected Veterans and the requirements of 41 CFR 60-741.5(A), which prohibits discrimination against qualified individuals on the basis of disability.
#LI-Remote Apply
fabric is on a mission to revolutionize commerce for everyone, and we empower businesses that are striving to deliver commerce that drives conversion and customer outcomes. Leading retailers, including Chico’s, Brooklinen, and Ashley’s Furniture, trust fabric to run their modern commerce business. Headquartered in San Francisco, fabric was founded in 2017 by a group of industry veterans determined to bring the same technical principles found at Amazon to retail.
No matter what field you are in, fabric has exciting opportunities for people passionate about making a difference and skilled at what they do!
Here are four questions you should ask yourself: - Do I believe in fabric's mission? - Am I eager to build cool things? - Am I excited to collaborate with brilliant people? - Am I motivated to disrupt e-commerce?
If the answer is yes, we want to talk to you!
Where we hire: United States (California, Washington, New York, Texas, Massachusetts)
Your next career:Your next career move should be bold and we have the experience you are seeking. We build and ship products & solutions that enable merchants to compete and deliver a world-class differentiated shopping experience online.
The successful candidate will have prior experience in application security in the retail/ecommerce industry and is a hands-on technologist. This person is comfortable with multiple priorities in a fast-paced environment and is responsible for the ownership of key projects within the security space. You will also be responsible for driving for secure code design and integration of our software stack to keep our customers’ data safe while focusing on mitigating attack risks, securing cloud transformation, and fostering a culture of security and reliability within the company.
Your responsibilities:- Ability to work independently and as part of a team.- Experience in threat modeling methodologies (e.g. STRIDE, DREAD) and tools to develop and maintain threat models that reflect the organization's security posture.- Experience working with developers to communicate deficiencies and implement security measures.- Design, deploy, and maintain centralized security tools, technologies, and controls to monitor and protect our infrastructure and applications.- Help build and maintain runbooks and document policies and procedures.- Develop and maintain security metrics to track progress toward security goals.- Maintain essential skills in modern technology. Use automation wherever possible.- Conduct security reviews for new and existing software systems, integrations, and operational processes, which includes security testing and vulnerability scanning.- Review and enhance access controls, authentication mechanisms, and data encryption methods.- Collaborate with IT, development, and operations teams to integrate security best practices into our systems and software development lifecycle.- Build and manage services, tools, and integrations that will automate security controls within CI/CD pipelines.- Assess, identify, and monitor security risks, vulnerabilities, and threats, and develop effective mitigation strategies with engineering stakeholders to ensure timely remediations.- Educate and train employees on security awareness and best practices.- Assist systems integration with fabric customers to ensure security best practices- Provide guidance and mentorship to junior team members.- Participate in security detection, incident response, and post-response activities.- Stay up-to-date with industry trends, emerging threats, and security standards to adapt and improve our security posture.- Support and drive compliance programs with relevant regulations and industry standards (e.g., PCI DSS, SOC2, NIST).
What you bring to the table: - 5+ years of prior experience in security engineering/applications security- 2+ years of experience with AWS- Experience with scripting languages such as Python or JavaScript.- Experience working with OWASP and NIST security standards and frameworks. - Experience within DevSecOps, CI/CD processes, SDLC, and related tools such as Jira, Jenkins, Artifactory, Bitbucket, GitHub, GitLab, etc.- Ability to establish and report metrics and KPIs to the executive leadership team to measure the effectiveness of Security Engineering
Preferred Skills:- Previous experience as a DevOps/DevSecOps Engineer supporting applications and platforms running in private or public cloud (such as Rancher, Anthos, AWS, GCP, VMWare).- Experience with SIEM tools. Prefer experience with tools such as Splunk or Datadog.- Proven experience in information security, with a focus on ecommerce or web applications.- Strong knowledge of security architectures, cloud deployment paradigms, and common security principles.- Excellent written and verbal communication skills.- Hands-on knowledge of AWS security tools e.g., AWS WAF, AWS Cloudtrail, AWS Guard Duty, AWS Security Hub. Prefer AWS Security Speciality certification.- Experience securing the software supply chain including implementing appropriate controls across the SDLC and managing change along the way.- Experience with code review, SAST, DAST, SCA, container security, IaC scanning- Experience with containers, enterprise container orchestration, and related tools such as Docker, Rancher, Kubernetes, and public cloud container services.- Experience working across teams to drive the adoption of security best practices- Understanding of security automation within DevOps and CI/CD processes including vulnerability identification and management.- Experience integrating security solutions into CI/CD workflows and toolsets.
The salary range for this role is $120k to $160k USDWhat we bring to the table:- Competitive compensation packages- PTO and Holiday plans- Benefits packages which include Medical, Dental, Life, and Vision- Wellness & Technology Programs - 401k Program - Fast-paced, fun and collaborative environment - A team invested in you both personally and professionally
*fabric is an equal opportunity employer as well as a government contractor that shall abide by the requirements of 41 CFR 60-300.5(a), which prohibits discrimination against qualified protected Veterans and the requirements of 41 CFR 60-741.5(A), which prohibits discrimination against qualified individuals on the basis of disability.
#LI-Remote Apply
Job Profile
Regions
Countries
Collaborative environment Competitive compensation PTO
Tasks- Collaborate with teams
- Conduct security reviews
- Drive secure code design
- Educate employees
- Manage security tools
Access controls Application Security Automation AWS CI/CD CI/CD pipelines Cloud Security Communication Data Encryption ECommerce Incident Response Javascript Security Best Practices Security metrics Security Tools Threat modeling Vulnerability Scanning
Experience3 years
Education TimezonesAmerica/Anchorage America/Chicago America/Denver America/Los_Angeles America/New_York Pacific/Honolulu UTC-10 UTC-5 UTC-6 UTC-7 UTC-8 UTC-9
Remote Jobs in North America
Remote Jobs in Europe
Remote Jobs in South America
Remote Jobs in Asia/Pacific
Remote Jobs in Africa
Remote Jobs in Middle East
Full Time Remote Jobs
Part Time Remote Jobs
Contract Remote Jobs
Internship Remote Jobs
Temporary Remote Jobs
Freelance Remote Jobs
Mid-Level Remote Jobs
Senior-Level Remote Jobs
Entry-Level Remote Jobs
Exec-Level Remote Jobs
Lead-Level Remote Jobs
Remote Assist Jobs
Remote Contract Jobs
Remote Analytics Jobs
Remote Sales Rep Jobs
Remote Therapist Jobs
Remote Data Scientist Jobs
Remote Advisor Jobs
Remote Marketing Manager Jobs
Remote Sales Representative Jobs
Remote Program Manager Jobs
Remote Pathologist Jobs
Remote Engineer I Jobs
Remote Speech Language Pathologist Jobs
Remote Inside Sales Jobs
Remote Customer Success Jobs
Remote Finance Jobs
Remote Sales Manager Jobs
Remote Expert Jobs
Remote Technician Jobs
Remote Growth Jobs
Remote Jobs with GBP > 100K in Salary
Remote Jobs with CAD > 140K in Salary
Remote Jobs with CAD > 160K in Salary
Remote Jobs with EUR > 120K in Salary
Remote Jobs with GBP > 120K in Salary
Remote Jobs with CAD > 180K in Salary
Remote Jobs with CAD > 200K in Salary
Remote Jobs with GBP > 140K in Salary
Remote Jobs with PLN > 100K in Salary
Remote Jobs with PLN > 120K in Salary
Remote Jobs with PLN > 40K in Salary
Remote Jobs with PLN > 60K in Salary
Remote Jobs with PLN > 80K in Salary
Remote Jobs with PLN > 140K in Salary
Remote Jobs with ₱ > 40K in Salary
Remote Jobs with PLN > 180K in Salary
Remote Jobs with PLN > 160K in Salary
Remote Jobs with PLN > 220K in Salary
Remote Jobs with PLN > 200K in Salary
Remote Jobs with EUR > 140K in Salary