Security team at Poshmark is responsible for securing our application platform, cloud infrastructure, and IT systems to protect Poshmark and its 60 million Community members.

As a AWS and Infrastructure Security Engineer, you will collaborate with other security team members and other stakeholders to design and harden infrastructure, network and access implementing security best practices.

Responsibilities :

- Design, implement and maintain secure AWS architecture aligned with industry standards, security best practices and CIS benchmarks.

- Harden corporate IT and SaaS applications (Okta, CrowdStrike, Jamf, etc.) through security best practices and layered defense.

- Develop and maintain cloud and infrastructure security reference architectures, and policies.

- Continuously assess and manage vulnerabilities across cloud, infrastructure, and endpoint systems.

- Conduct regular security gap analyses, security reviews, risk assessments, and drive remediation with system owners.

- Integrate infrastructure security into CI/CD pipelines and change management processes.

- Architect and enforce cloud and enterprise IAM controls with Okta and AWS IAM, focusing on least privilege, SSO, and federation.

- Strengthen endpoint and server protection through configuration management and continuous monitoring.

- Partner with Engineering, DevOps, SRE, IT, and Compliance teams to ensure security requirements are embedded throughout the infrastructure lifecycle.

- Help with incident response activities across AWS and corporate environments including detection, investigation, containment, eradication, and recovery.

- Mentor junior engineers and contribute to a culture of proactive, engineering-driven security.

Requirements :

- 5+ years of professional experience in Security Engineering, with at least 3+ years focused on AWS Cloud Security or any other public cloud.

- Demonstrated experience in Enterprise Security technologies (e.g., Okta, CrowdStrike, JAMF, SSO, and related tools).

- Strong hands-on experience with AWS security services: IAM, WAF,Advanced Shield, GuardDuty, CloudTrail, Macie, Config, Organizations, and Network Firewall, DNS Firewall etc.

- Solid understanding of network security, segmentation, and zero-trust principles.

- Familiarity with security frameworks and standards (CIS, NIST, ISO 27001, OWASP).

- Excellent written and verbal communication skills.

- Ability to work cross-functionally and influence without authority.

- Strong sense of ownership, accountability, and continuous improvement mindset.

Preferred Certifications :

- AWS Certified Security Specialty, Certified Cloud Security Professional (CCSP) or similar.

Bonus :

- Experience building and deploying security controls and detection mechanisms as code using Terraform, Python, or similar automation frameworks.