Security Operations Engineer II

🕒 May 29

Apply Now
Find Similar Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Logo of Credit Acceptance

Credit Acceptance

1001 - 5000 employees

Founded 1972

💸 Finance

💳 Fintech

Finance • Fintech • Automotive

Credit Acceptance is a company that specializes in providing auto financing solutions to individuals, including those with bad credit history or no credit history at all. With over 50 years of experience, Credit Acceptance has helped more than 4 million consumers secure financing for vehicle purchases. The company operates a network of over 15,000 dealers and offers customers the ability to pre-qualify for auto financing, which does not impact their credit score. Furthermore, Credit Acceptance provides educational resources and tools, such as payment and auto price calculators, to assist customers in managing their finances and understanding their credit options. The company's mission is to drive possibility by offering financial solutions that give individuals the opportunity to improve their financial situation and secure reliable transportation.

📋 Description

• Operate and tune enterprise security tools (EDR, SIEM/SOAR, WAF/proxy, email security). • Manage proxy filtering policies, exceptions, SSL inspection, and performance troubleshooting. • Build automation and playbooks (Python/PowerShell, SOAR, APIs) to streamline SecOps tasks. • Implement CI/CD pipelines and Infrastructure-as-Code workflows for consistent, auditable security configuration changes. • Author and tune detection rules; improve signal quality and reduce false positives. • Maintain and author health dashboards, uptime/coverage metrics, and change governance documentation. • Conduct knowledge transfers through runbooks, how-to guides, tabletop exercises, and lunch & learn training sessions. • Maintain upgrade schedules, license compliance, configuration baselines, and key/secret rotations. • Administer URL/category policies, SSL inspection, identity-aware policies, geo/risk-based controls, and performance troubleshooting. • Analyze block events for false positives; measure impact; retire exceptions on schedule and report residual risk. • Build and maintain an automation backlog in partnership with SecOps, prioritizing high-frequency, high-toil tasks. • Provide on-call support for tooling availability and ingestion/normalization issues. • Report on metrics (uptime, coverage, MTTR, lead time, change success rate, exception aging). • Keep documentation, diagrams, and asset inventories current. • As needed, monitor and respond to alerts raised by various toolsets as part of an ongoing 24/7 Security Operations Center. • Report outages or incidents following guidelines and procedures. • Detect, analyze, and respond to incidents, coordinate with other stakeholders for containing, eradicating, and recovering from an incident. • Assist in developing testing criteria to implement new signatures/rules. • Participate in on-call rotations, including nights, weekends, and holidays.

🎯 Requirements

• Bachelor’s degree in computer science, Information Systems, Data Science or closely related field of study or equivalent experience • Minimum 2 years of experience in cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), operations incident response, network security or security engineering • Basic experience administering, deploying and managing security tools. • Basic experience operating WAF/proxy and SIEM/SOAR. • Scripting in Python and/or PowerShell and building API integrations; JSON/YAML proficiency. • CI/CD and Git workflows; Infrastructure-as-Code for security configurations. • Basic understanding of TLS/SSL, HTTP, identity-aware policies, and egress/ingress routing. • Documentation discipline and change management (ITIL basics). • Ability to produce formal and informal reports, briefings, and analysis of security controls. • Experience with Endpoint Detection and Response (EDR) or Intrusion Detection System or Intrusion Prevention System (IDS/IPS) monitoring tools. • Understanding of MITRE ATT&CK Framework and Cyber Kill Chain flow • Understanding of incident response processes and risk management. • Preferred: Actively hold one or more of the following certifications: GSEC, GCIA/GCED, GCDA, AZ-500, SC-200/SC-100, Network+ or CCNA.

🏖️ Benefits

• Performance bonus • Allowances • Employer-paid insurance benefits • Flexible work options including work from home, on site and hybrid positions • Company provided technology packages for all Team Members • Collaborative atmosphere filled with forward-thinking Team Members • Extensive growth opportunities • Ongoing business training and career development opportunities • Competitive market-based salary with bonus compensation • Quarterly profit sharing and annual merit bonuses • Generous PTO and holidays that include 28.5 total days during first full year of employment • Excellent benefits package that includes 401(K) match, adoption assistance, parental leave, tuition reimbursement, comprehensive medical/dental/vision and many nonstandard benefits

Apply Now