Security Engineer

J.Crew • New York, NY, US • 1d geleden

Our Story

J.Crew gets you dressed every day, for every occasion.

Since 1983, we’ve been creating classics that feel familiar and refreshingly new, crafted with unbeatable quality and distinctive point of view—it’s no wonder we’ve been in your closet for four decades and counting.

Today, we continue to do the classics our way, inspiring not only how you shop but how you define your personal style. Our commitment runs deeper than just making great clothes—we’re proud of our role in getting you dressed with confidence, character, and celebrating a distinctly American sensibility that makes us who we are.

Our dedication to Diversity, Equity, Belonging & Sustainability has been celebrated with industry recognition, reflecting our commitment to fostering an inclusive and sustainable workplace.

Role & Purpose

We are seeking a skilled Security Engineer to join our growing Information Security team. The Security Engineer will design, implement, and maintain security solutions that protect our retail, e-commerce, and corporate environments. This role combines technical expertise with strategic thinking, ensuring that our systems are resilient against evolving cyber threats while enabling seamless customer experiences.

The ideal candidate has strong technical security knowledge, thrives in collaborative environments, and is passionate about protecting customer trust and brand reputation.

Key Responsibilities

Design and implement security controls across networks, applications, endpoints, and cloud environments (AWS, Azure, GCP).
Optimize all current Information Security solutions.
Support identity and access management (IAM), ensuring proper role-based access controls and privileged account management.
Collaborate with DevOps and application teams to embed security into CI/CD pipelines and e-commerce applications.
Conduct threat modeling, risk assessments, and security architecture reviews for new technologies and projects.
Monitor systems for security events, analyze incidents, and support incident response and forensic investigations.
Ensure compliance with PCI-DSS, GDPR, CCPA, and other applicable regulations.
Research emerging security threats (e.g., ransomware, supply chain attacks, API exploits) and recommend proactive defenses.
Contribute to security awareness training and act as a subject matter expert for business and IT partners.

Required Skills & Qualifications

Proven experience in information security engineering, network security, or systems engineering.
Strong knowledge of security technologies (firewalls, SIEM, EDR, DLP, WAF, VPNs, MFA).
Familiarity with retail systems (POS, ERP, CRM, and high-traffic e-commerce platforms).
Hands-on experience with cloud security controls in AWS, Azure, or GCP.
Strong understanding of secure network design, encryption, and authentication protocols.
Proficiency with scripting languages (Python, Bash, PowerShell) for automation.
Relevant certifications such as CISSP, CISM, Security+, GSEC, or CCSP.
Excellent communication skills with the ability to explain technical security concepts to business leaders.

Preferred Qualifications

Experience with application security and secure coding practices (OWASP Top 10).
Familiarity with DevSecOps practices and integrating security into CI/CD pipelines.
Knowledge of threat hunting and advanced incident response techniques.
Prior experience in the retail or e-commerce industry.

We welcome you to apply, even if you don't check all the boxes. Our passion is scouting life-long learners who are driven by curiosity, and who feel connected to our brands and share our desire to make an impact. We’re always seeking bright new talent who leverage their unique experiences to discover, grow and evolve with our teams.

Benefits + Perks

Health & Well-being - Eligible associates and family members receive medical, dental, prescription and vision insurance, family planning (fertility, adoption & surrogacy support), fitness discounts, medical travel and more.
Associate Discount - We love our products just as much as you do! That’s why we offer a great associate discount across all of our brands (J.Crew, J.Crew Factory, and Madewell).
Summer Fridays - In addition to our hybrid work model, we also close our office at 1:00 PM every Friday during the Summer months.
Community Impact - We support the communities where we live and work through our philanthropic efforts and the J.Crew Cares Program.
Winter Break - In addition to our PTO package, J.Crew Group offers a winter break at the end of December to eligible full-time associates at the Home Office to provide time to refresh and recharge.

Note: Availability of these benefits and perks may be subject to work location & employment type and may have certain eligibility requirements.

At J.Crew Group (JCG) we aim to pay competitively for our company’s size and industry. The base salary offered will take into account internal equity and may vary depending on the candidate’s geographic region of work premises, job-related knowledge, skills, and experience among other factors. The base salary is just one component of J.Crew Group’s competitive total rewards strategy that also includes the opportunity for bonus, competitive benefits and perks.

One of our core focuses here at JCG is creating a community and culture that builds belonging. We are deeply committed to our Diversity, Equity and Inclusion efforts, and we warmly welcome job applicants of all backgrounds.

JCG is proud to affirmatively provide equal opportunity to all associates and qualified applicants without regard to race, color, religion, national origin or citizenship, age, sex, marital status, ancestry, legally protected physical or mental disability, veteran status, gender identity, sexual orientation or any other basis protected under applicable law