iHerb is on a mission to make health and wellness accessible to all. They are seeking a hands-on Security Automation Engineer to design and maintain secure cloud environments, focusing on AWS and modern security tooling while automating security processes.
Responsibilities:
- Design, develop, and maintain automation frameworks and scripts (Python, Bash, Terraform) to streamline security processes and workflows
- Deploy and manage secure, scalable infrastructure on AWS using Terraform via Scalr and Harness, with additional presence in GCP and Azure
- Build, support, and optimize AWS Step Functions, Lambda, and EventBridge workflows from a centralized tooling account that operates across multiple spoke accounts in the AWS Organization
- Maintain Kubernetes clusters using Helm charts, including in-house security automations on pods that integrate with CSPM tools and Jira ticketing processes
- Develop and enforce cloud security guardrails using OPA, Guardrails, Service Control Policies (SCPs), IaC security gates, and tag policies
- Architect, build, and maintain Splunk Enterprise Security (ES) integrations, including onboarding log sources, managing indexes, tuning correlation searches, and configuring automated response actions
- Design and implement Splunk SOAR playbooks to automate security tasks, reduce Mean Time to Respond (MTTR), and scale SOC capabilities
- Serve as the subject matter expert for Okta Identity Engine (OIE) — building and managing scalable SSO policies, modern authentication (SAML/OIDC), and identity lifecycle processes
- Leverage AWS security services (GuardDuty, Macie, IAM, Control Tower, KMS, CloudTrail, EventBridge) to build event-driven automations for threat detection and response
- Own the in-house Jira management process for CSPM findings and the supporting data pipeline that feeds AWS QuickSight dashboards
- Collaborate with cross-functional teams (Dev, Platform, Security, and SOC) to integrate security automation into CI/CD pipelines and shift security left
- Conduct risk assessments, enforce security best practices, and continuously improve our defensive posture through automation and tooling
- Monitor, troubleshoot, and optimize cloud infrastructure and security systems to ensure high availability, performance, and compliance
- Stay current with AWS best practices, security trends, and emerging technologies to drive continuous improvement
Requirements:
- 10+ years of experience
- Strong hands-on experience with:
  - Terraform, Kubernetes (EKS + Helm), Docker, and scripting in Python & Bash
  - AWS services including Step Functions, Lambda, EventBridge, GuardDuty, Macie, IAM, Organizations, and QuickSight
  - Policy-as-code tools (OPA, Guardrails, SCPs) and IaC security scanning
  - Splunk Enterprise Security (ES) administration, log onboarding, correlation search tuning, and automated responses
  - Splunk SOAR playbook development and automation
  - Okta Identity Engine (OIE), SSO, SAML, and OIDC protocols
- Proven ability to work independently with minimal supervision while collaborating effectively with cross-functional teams and providing technical guidance
- Experience designing automation solutions that reduce MTTD and MTTR
- Solid understanding of cloud security principles, compliance frameworks, and secure infrastructure design
- Experience with Scalr, Harness, or similar IaC deployment platforms
- Familiarity with GCP and/or Azure cloud environments
- Prior experience integrating security tools with Jira and building data pipelines for visualization (QuickSight or similar)
- Security certifications (AWS Security Specialty, CKS, Splunk-related certifications, or Okta certifications) are a plus