Senior Security Engineer

🕒 Maio 21

🇺🇸 Estados Unidos – Remoto (EUA)

💵 $175.000 - $185.000 / ano

⏰ Tempo Integral

🟠 Sênior

👮‍♂️ Cibersegurança / Engenheiro de Segurança

🦅 Patrocina Visto H1B

Esta empresa já patrocinou vistos H1B no passado.

Candidatar-se

Encontrar Vagas Remotas Similares

Receber Emails de Vagas Remotas

📊 Verifique sua pontuação de currículo para esta vaga

Melhore suas chances de conseguir uma entrevista verificando sua pontuação de currículo antes de se candidatar.

Enviar Currículo

AutoFi

SiteLinkedInTodas as Vagas

201 - 500 funcionários

💳 Fintech

☁️ SaaS

💰 $85.000.000 Series C em 2022-03

Fintech • Automotive • SaaS

A AutoFi é uma empresa que fornece uma plataforma de varejo digital avançada, centrada em finanças, para concessionárias de automóveis, visando otimizar e aprimorar o processo de compra e venda de veículos tanto online quanto nas salas de exposição. A plataforma aborda desafios comuns das concessionárias, como sobrecarga de decisões, desconfiança do consumidor e gargalos no balcão, oferecendo roteamento inteligente de credores e processos de vendas simplificados. Ao incorporar soluções flexíveis em experiências de compra com marca, a AutoFi permite que concessionárias, fabricantes (OEMs) e marketplaces envolvam clientes a qualquer hora e em qualquer lugar, ajudando-os a vender de forma mais inteligente e melhorar a rentabilidade. Estabelecida em 2016, a AutoFi foca em capacitar equipes de vendas para uma operação eficiente e satisfação aprimorada do cliente, fornecendo ferramentas para facilitar vendas mais rápidas e melhores decisões de credores.

Descrição

• Define, implement, and maintain security practices, standards, and controls across AutoFi’s products, services, cloud environments, and internal systems. • Partner with engineering and product teams to conduct security design reviews for new features, architecture changes, sensitive workflows, and production-bound implementations. • Design and implement security standards and secure development practices across engineering teams. • Champion security-related activities throughout the software development lifecycle, including secure design, threat modeling, secure coding practices, security testing, and risk-based remediation. • Implement, operate, and improve DevSecOps tooling and processes, including SAST, DAST, SCA, secret scanning, dependency analysis, and other application security controls. • Assess infrastructure, web applications, and cloud environments to help identify, prioritize, and drive remediation of security risks. • Triage vulnerability findings from application security tools, penetration tests, vendor assessments, external reports, and internal reviews. • Conduct proactive threat hunting using available telemetry from cloud environments, application logs, WAF events, identity systems, endpoint signals, and security platforms. • Support continuous improvement of AutoFi’s security operations processes, including alert tuning, detection logic, workflow automation, and post-incident lessons learned. • Assist in defining, implementing, and maintaining third-party risk management policies, procedures, standards, and assessment workflows. • Conduct and support vendor security assessments • Identify, document, and help reduce risks related to third-party vendors, SaaS platforms, integrations, service providers, and business partners.

🎯 Requisitos

• 6+ years of experience in security engineering, application security, cloud security, security operations, or a related security function. • Experience designing and implementing security controls for modern SaaS, cloud, web application, and API environments. • Hands-on experience with application security practices, including secure design reviews, threat modeling, secure code review, vulnerability assessment, and OWASP-based testing methodologies. • Strong understanding of SAST, DAST, IAST, and SCA tooling • Experience with web & cloud security controls/frameworks • Familiarity with network and web application protocols (HTTP/S, SAML 2.0, OAuth, Rest APIs) • Experience with SIEM platforms, alert triage, security investigations, detection workflows, and incident response procedures. • Familiarity with indicators of compromise, indicators of attack, threat hunting techniques, and incident escalation processes. • Industry experience building data-driven applications with Javascript, Node.js, and NoQSL. • Minimum BS/BA in Cybersecurity, Information Security, Computer Science, or relevant degree, with the ability to demonstrate sophisticated logical thought processes. • Ability to communicate security risks clearly to engineering, product, compliance, business, and executive stakeholders. • Comfortable operating in a fast-paced environment with evolving priorities and shared ownership across multiple security domains.

🏖️ Benefícios

• We offer full training and a competitive total rewards package along with great benefits • Medical, Dental & Vision coverage - 100% premium coverage for employee / 50+% for dependents • Flexible work hours • Remote environment • Competitive pay • Visionary leadership team • Growth opportunities within a dynamic culture • Wellness & cultural initiatives (fitness challenges, wellness webinars, virtual games, regional activities, etc.) • Up to $1K per year for employee professional development • Stock options - we are all owners!