Senior Security Engineer

🕒 vor 25 Tagen

🇺🇸 Vereinigte Staaten – Remote

💵 $175.000 - $185.000 / Jahr

⏰ Vollzeit

🟠 Senior

👮‍♂️ IT-Sicherheitsingenieur

🦅 H1B-Visum-Sponsor

Dieses Unternehmen hat in der Vergangenheit H1B-Visa gesponsert.

Jetzt Bewerben

Ähnliche Remote-Jobs finden

E-Mails für Remote-Jobs erhalten

📊 Überprüfen Sie Ihre Lebenslauf-Bewertung für diese Stelle

Verbessern Sie Ihre Chancen auf ein Vorstellungsgespräch, indem Sie Ihre Lebenslauf-Bewertung vor der Bewerbung überprüfen.

Lebenslauf hochladen

AutoFi

WebsiteLinkedInAlle Stellen

201 - 500 Mitarbeiter

💳 Fintech

☁️ SaaS

💰 €85.000.000 Series C im 2022-03

Fintech • Automotive • SaaS

AutoFi ist ein Unternehmen, das eine fortschrittliche, finanzzentrierte digitale Handelsplattform für Autohäuser bietet, mit dem Ziel, den Autokauf- und Verkaufsprozess sowohl online als auch in Showrooms zu optimieren und zu verbessern. Die Plattform adressiert häufige Herausforderungen von Autohäusern wie Entscheidungsüberlastung, Misstrauen der Verbraucher und Engpässe an den Schreibtischen, indem sie intelligentes Lenderrouting und vereinfachte Verkaufsprozesse anbietet. Durch die Integration flexibler Lösungen in gebrandete Kauferlebnisse ermöglicht AutoFi Händlern, OEMs und Marktplätzen, Kunden jederzeit und überall zu erreichen, um intelligenter zu verkaufen und die Rentabilität zu steigern. Gegründet im Jahr 2016, konzentriert sich AutoFi darauf, Verkaufsteams durch die Bereitstellung von Tools zur Beschleunigung von Verkäufen und besseren Kreditgeberentscheidungen zu unterstützen, um effizient zu arbeiten und die Kundenzufriedenheit zu erhöhen.

Beschreibung

• Define, implement, and maintain security practices, standards, and controls across AutoFi’s products, services, cloud environments, and internal systems. • Partner with engineering and product teams to conduct security design reviews for new features, architecture changes, sensitive workflows, and production-bound implementations. • Design and implement security standards and secure development practices across engineering teams. • Champion security-related activities throughout the software development lifecycle, including secure design, threat modeling, secure coding practices, security testing, and risk-based remediation. • Implement, operate, and improve DevSecOps tooling and processes, including SAST, DAST, SCA, secret scanning, dependency analysis, and other application security controls. • Assess infrastructure, web applications, and cloud environments to help identify, prioritize, and drive remediation of security risks. • Triage vulnerability findings from application security tools, penetration tests, vendor assessments, external reports, and internal reviews. • Conduct proactive threat hunting using available telemetry from cloud environments, application logs, WAF events, identity systems, endpoint signals, and security platforms. • Support continuous improvement of AutoFi’s security operations processes, including alert tuning, detection logic, workflow automation, and post-incident lessons learned. • Assist in defining, implementing, and maintaining third-party risk management policies, procedures, standards, and assessment workflows. • Conduct and support vendor security assessments • Identify, document, and help reduce risks related to third-party vendors, SaaS platforms, integrations, service providers, and business partners.

🎯 Anforderungen

• 6+ years of experience in security engineering, application security, cloud security, security operations, or a related security function. • Experience designing and implementing security controls for modern SaaS, cloud, web application, and API environments. • Hands-on experience with application security practices, including secure design reviews, threat modeling, secure code review, vulnerability assessment, and OWASP-based testing methodologies. • Strong understanding of SAST, DAST, IAST, and SCA tooling • Experience with web & cloud security controls/frameworks • Familiarity with network and web application protocols (HTTP/S, SAML 2.0, OAuth, Rest APIs) • Experience with SIEM platforms, alert triage, security investigations, detection workflows, and incident response procedures. • Familiarity with indicators of compromise, indicators of attack, threat hunting techniques, and incident escalation processes. • Industry experience building data-driven applications with Javascript, Node.js, and NoQSL. • Minimum BS/BA in Cybersecurity, Information Security, Computer Science, or relevant degree, with the ability to demonstrate sophisticated logical thought processes. • Ability to communicate security risks clearly to engineering, product, compliance, business, and executive stakeholders. • Comfortable operating in a fast-paced environment with evolving priorities and shared ownership across multiple security domains.

🏖️ Vorteile

• We offer full training and a competitive total rewards package along with great benefits • Medical, Dental & Vision coverage - 100% premium coverage for employee / 50+% for dependents • Flexible work hours • Remote environment • Competitive pay • Visionary leadership team • Growth opportunities within a dynamic culture • Wellness & cultural initiatives (fitness challenges, wellness webinars, virtual games, regional activities, etc.) • Up to $1K per year for employee professional development • Stock options - we are all owners!