Senior Security Engineer


 3 years ago

About ShipHero
Hello. We are ShipHero ( We have built a software platform entrusted by hundreds of ecommerce companies, large and small to run their operations and we continue to grow. About US$5 billion of ecommerce orders are shipped a year via ShipHero. Our customers sell on Shopify, Amazon, Etsy, Ebay, WooCommerce, BigCommerce and many other platforms. We’re driven to help our customers grow their businesses by providing a platform that solves complex problems, and is engineered to be reliable and fast. We are obsessed with building great technology, that is beautiful, easy to use and is loved by our customers. Our culture also reflects our ethos and belief that by bringing passionate, talented and great people together – you can do great things.

Our team is fully remote, with most of our engineers currently spread over the Americas but have been building out teams in Europe as well. We communicate regularly using video chat and Slack, and put a strong emphasis on asynchronous work so people have large chunks of uninterrupted time to focus and do deep work.

Making sure you and the rest of the company are able to focus while being at work is really important to us. You can read our internal guide on how we communicate from our website:…


About the role
We are looking for an experienced Security Engineer who will analyze our software designs and implementations from a security perspective, in order to identify and resolve security issues. Your duties will include the appropriate security analysis, defenses and countermeasures at each phase of the software development lifecycle, to result in robust and reliable software.

You should have a solid technical background and great abilities of security threats prevention. We also expect you to have an analytical mindset and to be an efficient team player.


Software Security Engineer responsibilities are:
Scope and perform application security reviews of our full stack: web applications, APIs, and platform architectures.
Develop, maintain and implement security automated solutions for deployment pipelines.
Coordinate and perform vulnerability testing, risk analysis and security assessments on environments.
Evaluate criticality of outstanding security findings and collaborate with roadmap planning for proper mitigation.
Promote secure development practices for our Engineering Teams
Recommend and evaluate appropriate security tools, training resources and latest security trends.
Work together with our Security Officer to define the cloud security incident response plan and to analyze cloud security breaches to determine their root cause.


Software Security Engineer requirements are:
5+ of technical experience with establishing and implementing securing best practices in AWS cloud
Practical experience on programming/scripting to automate security tasks using languages like Python.
Practical experience with Apache, Nginx, Gunicorn and MySQL.
Practical experience using modern cloud deploy pipelines such as Infrastructure as Code (Terraform), Software Development Lifecycle, Continuous Integration and Delivery (Git & Atlassian Suite).
Offensive mindset and the ability to think of and consider abuse and attack paths as well as the defensive mindset to think of recommendations to prevent them.
Ability to express to other stakeholders what’s important and what’s urgent, so it can be prioritized along with competing priorities.
Competence in spoken and written English.

$2.500 so you can buy any equipment you need to be happy at your job
20 days paid vacation + new year & Christmas
Conference days don’t count against your vacation days, we want you to stay up-to-date
We will pay for courses & conferences, if you learn we all learn
Salary range is $80.000 – $120.000 / year depending on experience and location




Or view all jobs:

  • JS Remotely
  • PHP Remotely
  • Java Remotely
  • Python Remotely
  • Ruby Remotely
  • Designer Remotely
  • Develops Remotely
  • DotNet Remotely
  • GoLang Remotely

DevOps Remotely

We are a part of the Go Remotely group, specialized in recruiting anywhere in the world.

JS Remotely

PHP Remotely

Java Remotely

Python Remotely

Ruby Remotely

Designer Remotely

Develops Remotely

DotNet Remotely

GoLang Remotely

Copyright © 2024 DevOps Remotely | Privacy policy