Sr. Security Engineer II

Iherb
US
Remote

Who this role is best for

Aimed at senior security engineers who specialize in AWS, Splunk, and Okta automation, this remote role requires deep cloud infrastructure expertise and security orchestration skills.

Best fit for

  • Senior security engineers with 10+ years of hands-on cloud automation experience.
    — “10+ years of experience
  • Candidates who excel in building and maintaining AWS security automations.
    — “Build event-driven automations for threat detection and response
  • Professionals comfortable with cross-functional collaboration in Dev, Platform, and SOC teams.
    — “Collaborate with cross-functional teams (Dev, Platform, Security, and SOC)

Things to consider

  • Role requires expertise in multiple cloud platforms beyond AWS.
    — “additional presence in GCP and Azure
  • Must be proficient in both Splunk Enterprise Security and Splunk SOAR.
    — “Splunk Enterprise Security (ES) administration

How to stand out

  • Highlight specific examples of reducing MTTD and MTTR through automation.
    — “designing automation solutions that reduce MTTD and MTTR
  • Showcase experience with Scalr or Harness for IaC deployments.
    — “Experience with Scalr, Harness, or similar IaC deployment platforms
  • Demonstrate integration of security tools with Jira and QuickSight.
    — “integrating security tools with Jira and building data pipelines
Pace · SteadyCollaboration · HighAutonomy · MediumDecision Impact · TeamLevel · Senior

Derived from job-description analysis by Serendipath's career intelligence engine.

What success looks like

  • designed and maintained automation frameworks
  • deployed secure cloud infrastructure
Typical background
Computer ScienceInformation Security

Skills & requirements

Required

AWSTerraformKubernetesDockerPythonBashSplunkOktaCloud Security

Preferred

GCPAzureCSPMJiraQuicksight

Stack & domain

PythonBashTerraformKubernetesHelmDockerAWSSplunk Enterprise SecuritySplunk SoarOkta Identity EngineAws Step FunctionsLambdaEventbridgeKmsCloudtrailGuarddutyMacieIamOrganizationsQuicksightOpaGuardrailsScpsIac Security ScanningJiraCspmSAMLOIDCJira Ticketing ProcessesCspm FindingsAws Security ServicesSplunk Enterprise Security AdministrationLog OnboardingCorrelation Search TuningAutomated ResponsesSplunk Soar Playbook DevelopmentAutomation SolutionsMttdMttrSoc CapabilitiesRisk AssessmentsSecurity Best PracticesContinuous ImprovementCloud InfrastructureSecurity SystemsHigh AvailabilityPerformanceComplianceAws Best PracticesSecurity TrendsEmerging TechnologiesCollaborationIndependenceTechnical GuidanceCloud SecurityInfrastructure-as-codeSecurity OrchestrationIdentity ManagementSecurity AutomationCloud Security Guardrails

About the role

Original posting from Iherb via Greenhouse

About the Role

We are looking for a hands-on Security Automation Engineer and builder who thrives on creating automated, secure cloud environments and scaling security operations. You will design and maintain infrastructure-as-code, cloud security automations, and modern security tooling — with a strong focus on AWS, Splunk Enterprise Security, Splunk SOAR, and Okta Identity. This role combines deep cloud infrastructure expertise with security orchestration and identity management to strengthen our overall defensive posture.

Key Responsibilities

Design, develop, and maintain automation frameworks and scripts (Python, Bash, Terraform) to streamline security processes and workflows.

Deploy and manage secure, scalable infrastructure on AWS using Terraform via Scalr and Harness, with additional presence in GCP and Azure.

Build, support, and optimize AWS Step Functions, Lambda, and EventBridge workflows from a centralized tooling account that operates across multiple spoke accounts in the AWS Organization.

Maintain Kubernetes clusters using Helm charts, including in-house security automations on pods that integrate with CSPM tools and Jira ticketing processes.

Develop and enforce cloud security guardrails using OPA, Guardrails, Service Control Policies (SCPs), IaC security gates, and tag policies.

Architect, build, and maintain Splunk Enterprise Security (ES) integrations, including onboarding log sources, managing indexes, tuning correlation searches, and configuring automated response actions.

Design and implement Splunk SOAR playbooks to automate security tasks, reduce Mean Time to Respond (MTTR), and scale SOC capabilities.

Serve as the subject matter expert for Okta Identity Engine (OIE) — building and managing scalable SSO policies, modern authentication (SAML/OIDC), and identity lifecycle processes.

Leverage AWS security services (GuardDuty, Macie, IAM, Control Tower, KMS, CloudTrail, EventBridge) to build event-driven automations for threat detection and response.

Own the in-house Jira management process for CSPM findings and the supporting data pipeline that feeds AWS QuickSight dashboards.

Collaborate with cross-functional teams (Dev, Platform, Security, and SOC) to integrate security automation into CI/CD pipelines and shift security left.

Conduct risk assessments, enforce security best practices, and continuously improve our defensive posture through automation and tooling.

Monitor, troubleshoot, and optimize cloud infrastructure and security systems to ensure high availability, performance, and compliance.

Stay current with AWS best practices, security trends, and emerging technologies to drive continuous improvement.

Required Skills & Qualifications

10+ years of experience.

Strong hands-on experience with:

Terraform, Kubernetes (EKS + Helm), Docker, and scripting in Python & Bash

AWS services including Step Functions, Lambda, EventBridge, GuardDuty, Macie, IAM, Organizations, and QuickSight

Policy-as-code tools (OPA, Guardrails, SCPs) and IaC security scanning

Splunk Enterprise Security (ES) administration, log onboarding, correlation search tuning, and automated responses

Splunk SOAR playbook development and automation

Okta Identity Engine (OIE), SSO, SAML, and OIDC protocols

Proven ability to work independently with minimal supervision while collaborating effectively with cross-functional teams and providing technical guidance.

Experience designing automation solutions that reduce MTTD and MTTR.

Solid understanding of cloud security principles, compliance frameworks, and secure infrastructure design.

Preferred Qualifications

Experience with Scalr, Harness, or similar IaC deployment platforms.

Familiarity with GCP and/or Azure cloud environments.

Prior experience integrating security tools with Jira and building data pipelines for visualization (QuickSight or similar).

Security certifications (AWS Security Specialty, CKS, Splunk-related certifications, or Okta certifications) are a plus.

#LI-JC1

The anticipated pay scale for this position can be found below, however the pay range applicable to you may vary by geographic location based on where the job is located or where you work.  The final pay offered to a successful candidate will be dependent on several factors that may include but are not limited to the type and years of experience within the job, the type of years and experience within the industry, education, etc.  iHerb, LLC is a multi-state employer and this pay scale may not reflect positions that work in other states or locations.

Employees (and their families) that meet eligibility criteria as outlined in applicable plan documents are eligible to participate in our medical, dental, vision, and basic life insurance programs and may enroll in our company’s 401(k) plan. Employees will also be eligible for Time Off and Paid Sick Leave pursuant to the company’s policies. Employees will enjoy paid holidays throughout the calendar year.  Eligibility requirements for these benefits will be controlled by applicable plan documents.

Hired applicant may be awarded Restrict Stock Units and receive annual bonuses pursuant to eligibility and performance criteria defined in the respective plan documents and policies.

 

For more information on iHerb benefits, visit us at iHerbBenefits.com.

Anticipated Pay Scale:$162,000—$190,000 USD

Staffing Agency Submission Notice

iHerb does not accept unsolicited 3rd party ("Agency") candidates. If you are an Agency, please send any requests to be considered as a supplier in our Vendor Management System to staffingvendors@iherb.com. Do not contact iHerb employees directly. If requested to work on a role, any Agency candidates would be presented through the internal recruiting organization.

About iHerb

iHerb is on a mission to make health and wellness accessible to all. We offer Earth’s best-curated selection of health and wellness products, at the best possible value, delivered with the most convenient experience.

We’re the world’s largest eCommerce platform dedicated to vitamins, minerals, and supplements, and other health and wellness products. For more than 25 years, we’ve been making it simple for people all over the world to purchase the highest quality products. From supplements to skincare to grocery items, we ship over 50,000 products, from over 1,800 brands direct to our customers in 180+ countries.

Our vision is to become the #1 destination for health and wellness across the world.

With a passion for wellness and a mind for innovative solutions, iHerb team members share a vision for a healthier world that drives them each day. Our 5 Shared Values unite our global team:

Focus on the Customer · Empower Our People · Be Entrepreneurial & Pivot Quickly ·

Embrace Diversity & Inclusion · Strive for Simplicity

iHerb Benefits

At iHerb, we are dedicated to offering programs designed to help our employees and their families stay healthy, live well, and plan for their financial future. Built on a strong foundation, our programs provide options and upgrades with flexibility, protection, and security in mind. For the comprehensive benefits list, visit www.iHerbBenefits.com. For our international team members, you may be eligible for benefits depending on the country where you are employed. The Talent Acquisition Partner/local HR representative will go over the benefits you are eligible for. 

iHerb is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. iHerb provides equal employment opportunities to all applicants for employment and prohibits discrimination and harassment.

Source: Iherb careers (Greenhouse)

Similar roles