Senior Security Engineer

Phoenix Headquarters

Full Time Senior-level / Expert
Carvana logo
Apply now Apply later

Posted 2 weeks ago

About Carvana

If you like disrupting the norm and are looking for a company revolutionizing an industry then you will LOVE what Carvana has done for the car buying experience. Buying a car the old fashioned way sucks and we are working hard to make it NOT suck. At Carvana, our customers can hop online to...

  • Search and browse our inventory of over 20,000 vehicles that we own and certify.
  • Narrow down search results using highly intelligent filtering tools/components.
  • View vehicle details, Carfax reports, and 360 rotating studio images for every vehicle.
  • Secure financing in minutes using Carvana’s in-house service or their own bank.
  • Interact with GUI components to easily customize loan length, down payment, and monthly payment.
  • Generate, upload, and eSign all documents online (no ink necessary).
  • Schedule front door delivery or pick up at one of our vending machines.
  • Trade-in their existing vehicle or just sell it to Carvana (no purchase necessary).

For more information on Carvana and our mission, sneak a peek at our company introduction video or learn more about what it’s like to work here from the people that already do

About the team and position

Working in the IT Team at Carvana you will notice that….

We need to be super approachable and always willing to go above and beyond to help our Carvana family. It could be as simple as connecting their monitor to as complicated as tuning their flux capacitor to precisely 1.21 gigawatts! We expect smart people who are doers with bright ideas, willing to put their game-face on, take on new challenges and juggle many assignments at once.

We are looking for an experienced Security Engineer who enjoys security work and has a wide breadth of knowledge in the security space. You will be part of a team that is responsible for the security of the Carvana environment, which includes on premise and cloud infrastructures. You will help make Carvana more secure by maintaining boundary defenses, keeping computer systems and connected devices secure against attacks, working with other teams to ensure secure configurations and implementations, and managing security tools. A significant portion of your day will be helping to mature the security architecture program by assisting other teams with developing secure infrastructures and applications. You will work directly with individuals to assist in making security based decisions for new and existing systems. 

Additionally, another large part of your day will be managing and maturing security tools. This would include troubleshooting issues, upgrading and patching systems, building better reporting and efficiencies in the tools and assisting others that may have less of an understanding on how to utilize them. You will also be expected to assist in any security incidents that arise. Furthermore, you will:

What you’ll be doing

  • Engineer, implement and administer security tools across the enterprise. 
  • Maintain network, infrastructure and application security. 
  • Define system security requirements. 
  • Be an integral member of projects teams that is responsible for the secure architecture of Carvana systems. 
  • Consult and provide security requirements and recommendations for ongoing projects and new system implementations. 
  • Take a risk based approach at reviewing systems or applications that do not meet security requirements or security policies and writing security exceptions when required. 
  • Work closely with the Security Operations and Incident Response Team to tune or develop solutions that provide them with essential information and capabilities. 
  • Resolve security related tasks from a ticketing queue.
  • Occasionally, serve as Tier 3 support for helpdesk/desktop support teams to help resolve security-based issues when needed.
  • Work with vendors to bring solutions to resolve current security issues and\or develop technical solutions to mitigate security vulnerabilities and automate tasks.
  • Create and document standards and operating procedures. 
  • Train junior members and members of other teams on Information Security.
  • Stay abreast of security news that could have an impact on the security of Carvana and offer solutions to mitigate potential risks. 

What you should have

  • 5+ years of enterprise security engineering experience. 
  • 5+ years of experience supporting a growth company using enterprise level infrastructure
  • Experience with anti-virus software, intrusion detection systems, next generation firewalls, SIEMs, content filtering and endpoint management software. 
  • Experience with PKI and the utilization of certificates. 
  • Experience with developing and managing a vulnerability management program. 
  • Experience designing secure networks, systems and application architecture. 
  • Experience securing cloud environments, GCP, Azure and AWS. 
  • Prior experience with large remote site security management
  • Ability to demonstrate understanding of how to implement into a secure infrastructure, as an early adopter of new technology, using proven technology to accomplish security objectives
  • Awareness of integrating network protocols as to how they relate to ensuring a secure environment.  (DNS, AD, DHCP, Radius) 
  • Solid understanding of network protocols, ports and methods. (mainly TCP/IP).
  • Understanding of current attack vectors and mitigation approaches. 
  • Strong familiarity with how to integrate broadband connectivity (SD WAN), data security, firewalls, VPNs, and the general processes centered around a datacenter environment securely.
  • Enterprise experience in understanding how to implement server virtualization security. Nutanix AHV preferred
  • Some batch or automation scripting skills

It would be great if you also had

  • Experience with authentication methods, Kerberos, SAML, OAuth, etc...
  • Experience with G-Suite and Google security features.
  • Knowledge of Iinternet security issues and the threat landscape.
  • Knowledge of network vulnerability scanning techniques and nmap.
  • Knowledge of host-based information security technologies such as Tanium and Crowdstrike.
  • Knowledge of the security implications involving a variety of technologies including but not limited to; Microsoft, Cisco, Palo Alto security devices, Unix/Linux, Nutanix, and other market leaders in technology solutions, including mobile devices.
  • Knowledge of IDS/IPS, firewalls, proxies, and other network security technologies.

What we’ll offer in return

  • Full-Time Salary Position with a competitive salary.
  • Medical, Dental, and Vision benefits.
  • 401K with company match.
  • A multitude of perks including student loan payments, discounts on vehicles, benefits for your pets, and much more.
  • A great wellness program to keep you healthy and happy both physically and mentally.
  • Access to training and conference opportunities as well as great on-the-job training.
  • A company culture of promotions from within, with a start-up atmosphere allowing for varied and rapid career development.
  • A seat in one of the fastest-growing companies in the country.

Other requirements

To be able to do your job at Carvana, there are some basic requirements we want to share with you.

  • Must be able to read, write, speak, and understand English.
  • Requires excellent visual acuity and manual dexterity.

Of course, we’ll make any reasonable accommodations for those with disabilities to perform the essential functions of their jobs. 

Legal stuff

Hiring is contingent on passing a complete background check.  This role is not eligible for visa sponsorship.

Carvana is an equal employment opportunity employer.  All applicants receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, marital status, national origin, age, mental or physical disability, protected veteran status, or genetic information, or any other basis protected by applicable law.  Carvana also prohibits harassment of applicants or employees based on any of these protected categories.

Please note this job description is not designed to contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice. 

Job tags: Architecture Automation AWS Azure DNS Go Google IDS Incident response IPS Linux Network security Nmap PKI TCP/IP Unix Vulnerabilities Vulnerability management
Job region(s): North America
Job stats:  12  1  0
Share this job: