Principal Security Engineer
Coupang is reimagining the shopping experience with the goal of wowing each customer from the instant they open the Coupang app to the moment an order is delivered to their door.
Powered by an outstanding end-to-end e-commerce and logistics network and a fanatical culture of customer centricity, Coupang has broken tradeoffs around speed, selection and price. Today, we provide exceedingly fast shipping speeds on millions of items including fresh groceries, delivered within hours nationwide, 365 days a year.
We are doing this for millions of consumers in Korea. Korea is home to one of the largest and fastest growing e-commerce opportunities anywhere in the world.
- Design and implement security solutions for both Coupang’s internal IT environment and its e-commerce platform
- Possess a combination of strong technical knowledge across multiple information security domains and a solid development background preferably in Java
- Partner with engineering teams across the company to design, develop, and implement security solutions to identify and close security gaps for AWS cloud and on-premise data center environments
- Be an advocate and practitioner of DevSecOps implementing tools driven and highly automated approach to bake security into developer's workflow. You will serve as trusted advisor to engineering teams delivering architecture guidance, leading proof of concept evaluations, and assisting in large-scale implementations
- This is a unique, exciting opportunity to work on and learn about the latest and greatest technologies in the cloud, security, and DevSecOps.
What You Will Do
- Build the Identity & Access management solutions using open-source projects or commercial solutions
- Build application & data security engineering products to be used by teams across the company
- Apply risk-based thinking enabling teams to make the right security decisions and priorities
- Identify gaps in existing security engineering and design and build the recommend changes or enhancements
- Build tools and automation that enable Coupang developers to easily consume security services delivered by the security team
- Partner with platform and engineering teams to integrate security controls into continuous integration, delivery and deployment processes
- Build strong relationships with Coupang's technical teams and cultivate a culture of security awareness and ownership
- Provide hands on security training and secure coding best practices to developers
- Strong foundation and in-depth technical knowledge in security engineering, computer and network security, authentication and security protocols, and applied cryptography
- Understanding of Software Security Architecture and Design, SDLC and the ability to clearly articulate best practices for application security
- Hands on experience in Threat Modeling, SAST, DAST, and Web application security including OWASP 10 and SANS 25
- Experience with public cloud environments and technologies, including Amazon Web Services (AWS) or other
- Experience in DevOps environments and automating security controls into the CI/CD process
- Experience with Jenkins or other CI tools and knowledge of technologies like containers and microservices
- Bachelor degree in Information Technology, Computer Science or a related field or equivalent experience
Coupang is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex or gender (including pregnancy, gender identity, gender expression, sexual orientation, transgender status), national origin, age, disability, medical condition, HIV/AIDS or Hepatitis C status, marital status, military or veteran status, use of a trained dog guide or service animal, political activities, affiliations, citizenship, or any other characteristic or class protected by the laws or regulations in the locations where we operate. If you need assistance and/or a reasonable accommodation in the application or recruiting process due to a disability, please contact us at email@example.com.