Staff Engineer, Infrastructure Security

* Confidence can sometimes hold us back from applying for a job. Here’s a secret: there's no such thing as a "perfect" candidate. Poshmark is looking for exceptional people who want to make a positive impact through their work and help create an organization where everyone can thrive. So whatever background you bring with you, please apply if this role would make you excited to come to work every day.
**
* Job Description:

** The security team at Poshmark is responsible for securing our application platform, cloud infrastructure, and IT systems to protect Poshmark and its 150 million Poshers. This role is for a Staff Cloud/Infrastructure Security Engineer responsible for designing, implementing, and maintaining secure AWS cloud and corporate IT infrastructure, ensuring alignment with industry best practices and CIS benchmarks. The position involves hardening systems, developing security architectures and policies, managing vulnerabilities, and enforcing least-privilege IAM controls across the enterprise.
**** Responsibilities:
***** Develop bot and fraud attack detection and mitigation strategies.
* Design, implement and maintain secure AWS architecture aligned with industry standards, security best practices and CIS benchmarks.
* Harden corporate IT and SaaS applications (Okta, Crowd Strike, Jamf, etc.) through security best practices and layered defense.
* Develop and maintain cloud and infrastructure security reference architectures, and policies.
* Continuously assess and manage vulnerabilities across cloud, infrastructure, and endpoint systems.
* Conduct regular security gap analyses, security reviews, risk assessments, and drive remediation with system owners.
* Integrate infrastructure security into CI/CD pipelines and change management processes.
* Architect and enforce cloud and enterprise IAM controls with Okta and AWS IAM, focusing on least privilege, SSO, and federation.
* Strengthen endpoint and server protection through configuration management and continuous monitoring.
* Partner with Engineering, Dev Ops, SRE, IT, and Compliance teams to ensure security requirements are embedded throughout the infrastructure lifecycle.
* Help with incident response activities across AWS and corporate environments including detection, investigation, containment, eradication, and recovery.
* Mentor junior engineers and contribute to a culture of proactive, engineering-driven security.
** 6-Month Accomplishments:
*** Get a thorough understanding of Postmark’s cloud and IT infrastructure.
* Establish relationships with stakeholders in DevOPs, SRE, IT teams.
* Drive existing projects to meaningful completion.
* Partner with the SOC team to understand bot attacks and existing mitigations in place.
** 12+ Month Accomplishments:
*** Develop a comprehensive roadmap for infrastructure security.
* Architect scalable least privilege cloud infrastructure.
* Automate cloud security with secure by design principals.
** Requirements:
*** 8+ years of professional experience in Security Engineering, with at least 5+ years focused on AWS Cloud Security or any other public cloud.
* Demonstrated experience in Enterprise Security technologies (e.g., Okta, Crowd Strike, JAMF, SSO, and related tools).
* Strong hands-on experience with AWS security services: IAM, WAF, Advanced Shield, Guard Duty, Cloud Trail, Macie, Config, Organizations, and Network Firewall, DNS Firewall etc
* Solid understanding of bot activity, network security, segmentation, and zero-trust principles.
* Familiarity with security frameworks and standards (CIS, NIST, ISO 27001, OWASP).
* Excellent written and verbal communication skills. Ability to work cross-functionally and influence without authority.
* Strong sense of ownership, accountability, and continuous improvement mindset.
* Preferred

Certifications:

AWS Certified Security – Specialty, Certified Cloud Security Professional (CCSP) or similar.
* Bonus:
Experience building and deploying security controls and detection mechanisms as code using Terraform, Python, or similar automation frameworks.
** Salary Range:**$ - $ Annual Poshmark is an Equal Opportunity Employer. We celebrate diversity and are committed to creating an…