Sr. Security Engineer

Five Below
Philadelphia, United States of America
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Philadelphia, United States of America

Tech stack

Artificial Intelligence
Amazon Web Services (AWS)
Application Firewall
Azure
Cloud Computing Security
Continuous Integration
Github
Identity and Access Management
Python
Performance Tuning
Powershell
Security Information and Event Management
Software Engineering
Systems Integration
Software Vulnerability Management
Software Organization
Scripting (Bash/Python/Go/Ruby)
Enterprise Software Applications
Cloud Platform System
Software Security
Multi-Cloud
Containerization
Github Enterprise
Synopsys Black Duck
Cloudflare
Static Application Security Testing
Microservices
Dynamic Application Security Testing

Job description

We are seeking a Sr. Security Engineer with a focus on cloud and application security to join our team as a hands-on individual contributor. This role is responsible for designing, implementing, and operating security controls that protect our e-commerce platforms and other enterprise technology environments., * Operate and enhance security solutions protecting customer-facing omnichannel commerce platforms, including web application firewalls (WAF), bot mitigation, and API security controls

  • Drive improvements in cloud security posture across Azure and AWS environments using CSPM/CNAPP tooling, and implement scalable governance and security controls
  • Build, integrate, and mature application security capabilities, including SAST, DAST, and SCA, embedding them into CI/CD pipelines and developer workflows ("shift-left" security)
  • Partner with engineering, infrastructure, and product teams to implement secure solutions and ensure alignment with enterprise security standards
  • Act as a security subject matter expert within enterprise initiatives, providing guidance and oversight for control implementation and risk reduction
  • Drive the implementation and ongoing enhancement of security-owned tools and capabilities to reduce risk and improve analyst visibility
  • Serve as an escalation point for internal security operations, supporting detection tuning, incident response, and threat analysis
  • Develop and maintain automation (scripts, workflows, integrations) to improve the efficiency and consistency of security control deployment and enforcement
  • Continuously evaluate emerging threats, technologies, and industry practices to enhance security capabilities and address evolving risks

Requirements

Success in this role requires strong technical execution, cross-functional collaboration, and the ability to operate as a generalist across multiple security domains. A proactive mindset, strong organizational skills, clear communication, and an appetite for continuous learning are essential., * Strong understanding of network and application security technologies, including WAF, CDN, API security, and bot mitigation

  • Experience securing cloud environments (primarily Azure and AWS), with the ability to implement controls programmatically and at scale
  • Familiarity with cloud security tooling such as CSPM/CNAPP platforms and cloud-native security controls
  • Understanding of modern software development practices, including CI/CD pipelines, containerization, and microservices architectures
  • Experience integrating security tools (SAST, DAST, SCA) into development workflows and supporting "shift-left" security initiatives
  • Proficiency in scripting or automation (e.g., PowerShell, Python, or similar) to support security engineering and operations
  • Strong communication and organizational skills, with the ability to work effectively across technical and non-technical teams
  • Ability to operate independently with minimal oversight while managing multiple priorities, * Experience with technologies such as Cloudflare, CrowdStrike (EDR/Cloud Security), BlackDuck/Snyk/GitHub Security, GitHub Enterprise, and SIEM platforms
  • Understanding of identity and access management practices and implementation of IAM controls
  • Familiarity with vulnerability management programs and tooling
  • Exposure to operating within or managing multi-cloud environments
  • Experience securing or evaluating AI/ML-based solutions in an enterprise environment
  • Background in infrastructure engineering or software development

About the company

At Five Below our growth is a result of the people who embrace our purpose: We know life is way better when you are free to Let Go & Have Fun in an amazing experience, filled with unlimited possibilities, priced so low, you can always say yes to the newest, coolest stuff! Just ask any of our over 27,000 associates who work at Five Below and they'll tell you there's no other place like it. It all starts with our purpose and then, The Five Below Way, which is our values and behaviors that each and every associate believes in. It's all about culture at Five Below, making this a place that can inspire you as much as you inspire us with big ideas, super energy, passion, and the ability to make the workplace a WOWplace!

Apply for this position