Infosec Engineer III
ipsy
Join us in inspiring everyone to express their unique beauty.
IPSY is the beauty industry’s most powerful platform, uniting brands, creators, and hyper-engaged consumers with unprecedented access to each other through the ultimate beauty membership. Home to sample-size subscription IPSY Original, full-size subscription IPSY Extra, and quarterly, limited-edition collection IPSY Ultimate, we curate beauty for millions of members so they can play, explore, and express their unique beauty every day.
We think self-discovery, self-expression, and confidence are beautiful. Agree? Then join us! Explore careers and learn more about our values, culture, and benefits across all our brands: IPSY Careers.
We're proud to be a remote-first company. Our fully remote team members have the chance to live and work where they want, because we believe work should fit into your life—not the other way around. We offer monthly virtual activities, company-wide offsites, professional development, and learning sessions, to help our team members stay connected, engaged, and impactful while working virtually.
United States Remote: Remote positions which may be performed in any of the states where IPSY has established a business presence: Arizona, California, Connecticut, Florida, Illinois, Kansas, Massachusetts, Missouri, North Carolina, New York, New Jersey, Nevada, Ohio, Pennsylvania, Texas, and Washington. California Privacy Notice
Beware job scams! IPSY recruiters only use @ipsy.com email addresses. We do not interview via text/message/Teams. We don't ask for software downloads (except Zoom) and we will never ask for sensitive information (like SSN/bank info). Suspect fraud? Report it to law enforcement and recruiting@ipsy.com.
About the Role:
The Sr. Infosec Engineer will play a key role in shaping the security of our applications and infrastructure. As a Sr. Infosec Engineer, you will lead application security efforts, perform threat modeling, and guide our product and engineering teams to implement best practices in secure development. You will also help scale our automated security tooling and training programs while ensuring compliance with relevant security and privacy standards like PCI DSS, CCPA, and GDPR.
This position reports to the Head of Information Security and can be fully remote (from Argentina).
What You’ll Be Doing:
- Automate recurring application security tasks and processes
- Implement and maintain tools for DAST, SAST, and IAST
- Define and evolve application security standards
- Perform threat modeling and security code reviews
- Conduct manual and automated application vulnerability assessments
- Collaborate with developers to remediate vulnerabilities
- Recommend and validate security controls for applications
- Assist with forensic investigations as needed
- Develop secure coding training and deliver sessions to engineering teams
- Contribute to and improve the bug bounty program
- Define and tune WAF/IDS/IPS rules and logic
- Own and evolve the application vulnerability management process
- Act as a trusted advisor to Product and Engineering teams on security topics
- Support adherence to regulatory frameworks such as PCI DSS, CCPA, and GDPR
What We Are Looking For:
- Strong knowledge of secure coding practices, common vulnerabilities, and OWASP Top 10
- Hands-on experience with security testing tools and methodologies (SAST, DAST, IAST)
- Proficient in development or scripting languages (e.g., Python, JavaScript, Java, etc.)
- Deep understanding of web and network protocols (HTTP/S, TCP/IP, etc.)
- Strong grasp of IAM protocols (OAuth 2.0, OpenID Connect, etc.)
- Experience identifying security issues through manual and automated code review
- Knowledge of regulatory and compliance standards such as PCI DSS, CCPA, GDPR, SOC 2
- Ability to communicate complex security topics clearly to technical and non-technical audiences
- Proven track record of working with engineering teams to embed security by design
Bonus if You Have:
- Experience building strong partnerships with Development and Product teams
- Prior involvement in a successful bug bounty or responsible disclosure program
- Familiarity with cloud-native security tooling and DevSecOps practices
- Experience with threat modeling frameworks (e.g., STRIDE, LINDDUN)
- Background in forensics or incident response
- Experience leading security audits or assessments for PCI DSS or SOC 2 compliance
What We Offer:
- Competitive salary (USD)
- Paid time off & work from home flexibility
- Learning & development programs
LATAM Remote: Remote positions which may be performed in any of the countries where IPSY has established a business presence: Argentina. (Only Argentina-based applicants will be considered at this time.)
IPSY is based in the U.S. and we partner with the local agency, Nexton, that assists us with employee recruiting and payroll.
Please submit CV/Resume in English.
If you need reasonable accommodation in the application or employment process, please contact us.
IPSY is based in the US and, to ensure compliance with country-specific employment laws, we partner with the local agency, Nexton, that assists us with employee recruiting and payroll.