Apply on Employer Site

E.L.F. BEAUTY · 7 hours ago

Sr. IT Security Engineer

Oakland, CA

Full-time

Hybrid

Senior Level

$105K/yr - $140K/yr

7+ years exp

E.L.F. Beauty, Inc. is a leader in clean, cruelty-free beauty products and is seeking a highly skilled Senior Information Security Engineer to enhance its cybersecurity initiatives. The role involves designing and implementing advanced security solutions while collaborating with teams to identify risks and ensure compliance, ultimately safeguarding the company's systems and data.

BeautyConsumer GoodsCosmeticsE-Commerce

Growth Opportunities

Responsibilities

Design, build, deploy, and maintain enterprise security technologies and solutions aligned with business objectives, compliance requirements, and the cybersecurity program

Develop, document, and enforce security policies, standards, and procedures based on frameworks such as NIST, CIS, ISO 27001, and SOX while advancing overall security maturity, governance, and processes

Lead strategic security initiatives, including Zero Trust architecture, Data Loss Prevention (DLP), Cloud Security, Network Segmentation, IAM, Endpoint Security modernization, and security automation

Manage and improve email security, DNS security, and other protective controls to defend against phishing, malware, data exfiltration, and domain-based threats

Lead vulnerability management programs and drive remediation efforts, providing visibility into risks and progress to stakeholders

Oversee incident response lifecycle—detection, analysis, containment, remediation, post-incident review—and continuously enhance disaster recovery and business continuity plans

Monitor and analyze security events and network activity (e.g., traffic analysis, host behavior, forensics, kill chain, Windows event analysis), tuning tools, and event correlation for accurate threat detection

Collaborate with IT, DevOps, and digital teams to embed security into system design, application development, deployment pipelines, and cloud infrastructure

Evaluate and review vendor and partner security practices to ensure alignment with organizational standards

Produce regular security dashboards and metrics to report on incidents, threats, and operational effectiveness

Lead security awareness training, mentor junior engineers, and guide cross-functional teams on secure design principles and best practices

Stay current on emerging threats, vulnerabilities, and technologies to enhance enterprise resilience

Qualification

Cloud SecurityIncident ResponseVulnerability ManagementSecurity AutomationZero Trust ArchitectureIAMSecurity FrameworksThreat ManagementNetwork SecurityCommunication SkillsLeadership SkillsMentoring Skills

Required

Bachelor's degree in Computer Science, Cybersecurity, or related field

7+ years of experience in information security engineering, architecture, or operations

Expertise in cloud security (AWS, Azure, GCP), data protection, IAM/SSO/MFA, email and DNS security, and secure network architecture

Hands-on experience with key security technologies: firewalls, VPN, NAC, EDR/MDR, IPS/IDS, SIEM, DLP, vulnerability management, and email security platforms (Proofpoint, Mimecast, Microsoft 365 Defender)

Strong understanding of Zero Trust, endpoint protection, DevSecOps, security automation, and scripting (Python, PowerShell, Bash)

Proven ability to lead incident response, risk assessments, threat detection, and remediation efforts

Experience implementing DNS protection solutions (Cisco Umbrella, Cloudflare, Infoblox, Valimail)

Knowledge of security frameworks and compliance standards: NIST CSF, CIS Controls, ISO 27001, SOX

Demonstrated success in leading security awareness programs, mentoring team members, and advancing security program maturity

Strong communication, leadership, and ability to manage multiple security initiatives

Strong Technical Security Foundation & Architecture

Deep knowledge of network, cloud, and endpoint security

Hands-on experience with firewalls, SIEM tools (e.g., Splunk, Sentinel), EDR/XDR, IAM, and vulnerability management

Understanding of encryption, authentication, and secure architecture design

Incident Response & Threat Management Skills

Ability to detect, analyze, and respond to security incidents effectively

Skilled in log analysis, threat hunting, and forensics

Familiarity with MITRE ATT&CK, common attack techniques, and SOC operations

Risk Assessment & Communication

Strong ability to assess vulnerabilities, prioritize risks, and implement mitigations

Can translate technical findings into business impact and communicate clearly with both technical and non-technical teams

Understanding of security frameworks and compliance standards (NIST, ISO 27001, CIS)

Preferred

Master's degree in Computer Science, Cybersecurity, or related field

Relevant certifications preferred: CISSP, CISM, CISA, GIAC, Microsoft Security certifications, AWS Security Specialty, Azure Security Engineer Associate