About Poshmark
Poshmark is the leading fashion marketplace where style comes alive through discovery, self-expression, and human connection.
Powered by a vibrant community of 165 million members, Poshmark brings real people and taste to shopping through a social experience shaped by shared discovery. Buying and selling fashion feels simple, joyful, and personal, while every item tells its own story. Poshmark empowers sellers to grow meaningful businesses, keeps fashion in circulation longer, and gives shoppers access to unique and trusted finds, from everyday pieces to one-of-a-kind vintage and luxury.
The Security team at Poshmark is responsible for securing our enterprise systems, corporate infrastructure, and IT ecosystem to protect Poshmark and its 60 million community members. As a Senior Security Engineer focused on Enterprise and IT Security, you will collaborate with Security, IT, and Engineering teams to strengthen the security posture of corporate systems, SaaS platforms, identity infrastructure, and endpoint environments.
This role focuses on designing and implementing enterprise security controls, securing corporate applications, and driving security best practices across the organization
.
Responsibilities
Design, implement, and maintain enterprise and IT security controls aligned with industry standards and security best practices.
Harden corporate IT systems and SaaS platforms (Okta, Google Workspace, Slack, CrowdStrike, Jamf, etc.) through layered security controls.
Implement and manage enterprise identity and access management (IAM) solutions, including SSO, MFA, privileged access, and access governance.
Strengthen endpoint security posture across corporate devices through EDR, configuration hardening, and continuous monitoring.
Conduct regular security assessments, gap analyses, and risk reviews across enterprise systems and SaaS applications.
Partner with IT teams to secure corporate infrastructure, enterprise applications, and employee productivity platforms.
Drive least-privilege access models and identity security improvements across enterprise environments.
Develop and maintain enterprise security standards, policies, and reference architectures.
Support incident response and investigation related to enterprise systems, identity compromise, endpoint threats, and insider risks.
Integrate security controls into IT lifecycle processes, including device provisioning, access management, and system deployments.
Collaborate with Security Operations, IT, and Compliance teams to continuously improve enterprise security posture.
Mentor junior engineers and contribute to a culture of proactive and engineering-driven security.
Requirements
6+ years of professional experience in Enterprise or IT Security, Security Engineering,
Strong hands-on experience with enterprise security technologies such as Okta, CrowdStrike, JAMF, endpoint security platforms, Firewalls and SSO solutions.
Deep understanding of Identity and Access Management (IAM), endpoint security, and SaaS security controls.
Experience securing enterprise productivity platforms and corporate applications.
Familiarity with device management and endpoint security technologies.
Strong knowledge of network security fundamentals, zero trust principles, and enterprise security architecture.
Experience with vulnerability management and security configuration hardening across enterprise systems.
Familiarity with security frameworks and standards such as CIS, NIST, ISO 27001, and Zero Trust frameworks.
Excellent communication skills and the ability to work cross-functionally with IT, Engineering, and business teams.
Strong ownership mindset with a focus on continuous security improvement.
Preferred Qualifications
Security certifications such as CISSP, CISM, or similar.
Experience implementing Zero Trust architecture across enterprise environments.
Experience with SaaS security posture management (SSPM) or enterprise SaaS security governance.
Experience automating security workflows using Python, Terraform, or similar scripting tools.
