Jobs
>
Tempe

    Application Security Engineer, Information Security - Tempe, United States - Carvana

    Carvana
    Carvana Tempe, United States

    4 weeks ago

    Carvana background
    Description
    Application Security Engineer, Information Security

    Tempe, Arizona

    About Carvana

    If you like disrupting the norm and are looking for a company revolutionizing an industry then you will LOVE what Carvana has done for the car buying experience.

    Buying a car the old fashioned way sucks and we are working hard to make it NOT suck. At Carvana, our customers can hop online to...
    Search and browse our inventory of over 20,000 vehicles that we own and certify.
    Narrow down search results using highly intelligent filtering tools/components.
    View vehicle details, Carfax reports, and 360 rotating studio images for every vehicle.
    Secure financing in minutes using Carvana's in-house service or their own bank.
    Interact with GUI components to easily customize loan length, down payment, and monthly payment.
    Generate, upload, and eSign all documents online (no ink necessary).
    Trade-in their existing vehicle or just sell it to Carvana (no purchase necessary).
    We are hiring an Application Security Engineer, Information Security to join our Information Security Team.

    In this role, you will be responsible for ensuring that our applications, services, and websites are designed and implemented with security by design.

    In this role, you will be responsible for discovering and addressing security risks, issues, and threats, building security automation to enable secure development lifecycle, and evangelizing security with our engineering teams.

    What you'll be doing
    Engineer, design, implement and configure security into the Secure Software Development Lifecycle (SSDLC) to ensure security by design.
    Execute security reviews, including but not limited to, requirements review, threat model, static code analysis, dynamic code analysis, etc.

    Introduce and implement security controls into the CI/CD pipeline and partner with engineering teams to increase adoption of automated security controls in CI/CD pipeline.

    Work independently and collaboratively to discover and remediate security risks and vulnerabilities discovered.
    Partner with engineering teams to ensure corporate-wide security policies, guidelines and best practices are implemented.
    Consult and advise development teams by serving as a Subject Matter Expert in the area of application security.
    Communicate complex technical security problems to technical and non-technical stakeholders.
    Identify trends in security issues discovered through SSDLC. Train the engineering and development teams on common security findings and appropriate ways to mitigate the risk.
    Evangelize security with our cross-functional stakeholders and engineering teams.
    Manage our private bug bounty and responsible disclosure programs through the vulnerability management lifecycle.
    Execute various penetration test initiatives aimed at proactively identifying security weaknesses in our information assets (e.g. network, infrastructure, web applications, APIs, mobile applications, etc).
    What you should have
    3+ years of experience as an Engineer or Developer.
    3+ years of experience in Cyber Security.

    Deep technical expertise and proficiency in OAuth 2.0 and hands-on experience in implementing an authentication service in a corporate network with many microservices.

    Deep technical expertise in various security domains such as web security (e.g. OWASP Top 10, CWE Top 25, etc.), secure coding practices, identity management, software development, cryptography, system administration, network security, etc.
    Strong technical knowledge and experience with common security libraries, controls, common security flaws, and secure coding practices.
    Hands on experience embedding security tooling into the Secure Software Development Lifecycle (SSDLC).
    Exceptional analytical and problem solving skills.
    Strong technical acumen, communication and influence skills.
    Self-starter that works with minimal guidance and supervision.
    Proven experience in recognizing complex problems and developing risk-based solutions to balance security and engineering requirements.
    Deep technical proficiency with various build technologies, code repositories, and CI/CD pipeline processes.
    Hands-on experience in cloud security environments (e.g. AWS, Azure, GCP, etc.) and containers (e.g. Dockers, Kubernetes, etc.).
    Proven ability to drive influence and drive change with stakeholders with varying opinions on security topics.
    It would be great if you also had
    Experience in working in a highly matrixed organization.
    Information Security Certification.
    What we'll offer in return
    Full-Time Salary Position with a competitive salary.
    Medical, Dental, and Vision benefits.
    401K with company match.
    A multitude of perks including student loan payments, discounts on vehicles, benefits for your pets, and much more.
    A great wellness program to keep you healthy and happy both physically and mentally.
    Access to training and conference opportunities as well as great on-the-job training.
    A company culture of promotions from within, with a start-up atmosphere allowing for varied and rapid career development.
    Other requirements

    To be able to do your job at Carvana, there are some basic requirements we want to share with you.

    Must be able to read, write, speak, and understand English.
    Requires excellent visual acuity and manual dexterity.
    Of course, we'll make any reasonable accommodations for those with disabilities to perform the essential functions of their jobs.
    Legal stuff
    Hiring is contingent on passing a complete background check. This role is not eligible for visa sponsorship.
    Carvana is an equal employment opportunity employer.

    All applicants receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, marital status, national origin, age, mental or physical disability, protected veteran status, or genetic information, or any other basis protected by applicable law.

    Carvana also prohibits harassment of applicants or employees based on any of these protected categories.

    Please note this job description is not designed to contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job.

    Duties, responsibilities, and activities may change at any time with or without notice.
    Apply for this Job

    Required
    First Name

    Last Name

    Email

    Phone

    Resume/CV

    (File types:
    pdf, doc, docx, txt, rtf)
    Drag and drop Resume/CV here to upload
    or
    (File types:
    pdf, doc, docx, txt, rtf)
    Drag and drop Cover Letter here to upload
    or
    Will you now or in the future require visa sponsorship?

    Are you able to sit on site in Tempe, Arizona for this position?

    How did you hear about this job? If referred by employee, please list employee's name:

    LinkedIn Profile

    By providing your phone number, you consent to Carvana contacting you via SMS regarding your job application and similar jobs that might be a good fit.

    Standard rates may apply. Consent is not a condition of employment. Opt-out anytime. We will not request nor should any personal information be provided.

    #J-18808-Ljbffr
  • Achieve

    Information Security Analyst Ii

    3 days ago

    Achieve Tempe, United States

    **Company Description** · Achieve is a leading digital personal finance company. We help everyday people move from struggling to thriving by providing innovative, personalized financial solutions. By leveraging proprietary data and analytics, our solutions are tailored for each s ...

  • TriWest Healthcare Alliance

    Director, Information Security

    2 weeks ago

    TriWest Healthcare Alliance Phoenix, United States

    **Profile**: · - We offer remote work opportunities (AK, AR, AZ, CA, *CO, FL, *HI, IA, ID, IL, KS, LA, MD, MN, MO, MT, NE, NV, NM, NC, ND, OK, OR, SC, SD, TX, UT, VA/DC, *WA, WI & WY only). Please note if you are not located in the Phoenix area, you may need to travel to our Corp ...

  • Amex

    Information Security Manager

    2 weeks ago

    Amex Phoenix, United States

    **You Lead the Way. We've Got Your Back.** · With the right backing, people and businesses have the power to progress in incredible ways. When you join Team Amex, you become part of a global and diverse community of colleagues with an unwavering commitment to back our customers, ...

  • Amex

    Information Security Manager

    2 weeks ago

    Amex Phoenix, United States

    **You Lead the Way. We've Got Your Back.** · With the right backing, people and businesses have the power to progress in incredible ways. When you join Team Amex, you become part of a global and diverse community of colleagues with an unwavering commitment to back our customers, ...

  • Silver Xis

    Information Security Analyst

    3 weeks ago

    Silver Xis Phoenix, United States

    **Job - Information Security Analyst** · **Type · - Contract** · **Rate · - $70-75/hr on W2** · **Onsite** · **Location - Phoenix, AZ** · Building plans, processes, and templates for recovery from scratch (bare bones) gathering info from HW, Applications, Data etc. · **Experience ...

  • Amex

    Information Security Manager

    1 week ago

    Amex Phoenix, United States

    **You Lead the Way. We've Got Your Back.** · With the right backing, people and businesses have the power to progress in incredible ways. When you join Team Amex, you become part of a global and diverse community of colleagues with an unwavering commitment to back our customers, ...

  • General Dynamics Mission Systems, Inc

    Information Assurance Security Professional

    2 days ago

    General Dynamics Mission Systems, Inc Scottsdale, United States

    Basic Qualifications: · Bachelor's degree in a related specialized area or equivalent is required plus a minimum of 5 years of relevant experience; or Master's degree plus a minimum of 3 years of relevant experience. · **CLEARANCE REQUIREMENTS**: · Responsibilities for this Posit ...

  • Amex

    Information Security Manager

    2 days ago

    Amex Phoenix, United States

    **You Lead the Way. We've Got Your Back.** · With the right backing, people and businesses have the power to progress in incredible ways. When you join Team Amex, you become part of a global and diverse community of colleagues with an unwavering commitment to back our customers, ...

  • Gen Digital

    Mgr, Information Security

    2 weeks ago

    Gen Digital Tempe, United States

    About Gen: · Gen is a global company powering Digital Freedom through consumer brands including Norton, Avast, LifeLock, Avira, AVG, ReputationDefender, and CCleaner. Our combined heritage is rooted in providing safety for the first digital generations. We bring leading technolo ...

  • TEKsystems

    Information Security Analyst

    2 weeks ago

    TEKsystems Tempe, United States

    Job Description · Job DescriptionFully remote role. · The Senior Analyst will be responsible for performing Digital Forensic Examinations and Incident Investigations on systems across multiple locations with the client. Reporting to regional management in San Jose, CA the success ...

  • Amex

    Information Security Manager-regulatory

    2 days ago

    Amex Phoenix, United States

    **You Lead the Way. We've Got Your Back.** · With the right backing, people and businesses have the power to progress in incredible ways. When you join Team Amex, you become part of a global and diverse community of colleagues with an unwavering commitment to back our customers, ...

  • Amex

    Information Security Analyst-data Protection

    1 week ago

    Amex Phoenix, United States

    **You Lead the Way. We've Got Your Back.** · With the right backing, people and businesses have the power to progress in incredible ways. When you join Team Amex, you become part of a global and diverse community of colleagues with an unwavering commitment to back our customers, ...

  • General Dynamics Mission Systems

    Information Assurance Security Professional

    2 weeks ago

    General Dynamics Mission Systems Tempe, AZ, United States

    Bachelor's degree in a related specialized area or equivalent is required plus a minimum of 5 years of relevant experience; or Master's degree plus a minimum of 3 years of relevant experience. CLEARANCE REQUIREMENTS: Department of Defense TS/SCI with Polygraph security clearance ...

  • Shutterfly

    Senior Information Security Analyst

    3 weeks ago

    Shutterfly Tempe, United States

    At Shutterfly, we make life's experiences unforgettable. We believe there is extraordinary power in the self-expression. That's why our family of brands helps customers create products and capture moments that reflect who they uniquely are. · This is an exciting time to join Shu ...

  • MUFG

    Information Security Risk Analyst

    3 weeks ago

    MUFG Tempe, United States

    Do you want your voice heard and your actions to count? · Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 7th largest financial group in the world. Across the globe, we're 120,000 colleagues, striving to make a difference for every client, organization, ...

  • ACHIEVE

    Information Security Analyst II

    3 weeks ago

    ACHIEVE Tempe, United States

    Job Description · Job Description Company Description · Achieve is a leading digital personal finance company. We help everyday people move from struggling to thriving by providing innovative, personalized financial solutions. By leveraging proprietary data and analytics, our s ...

  • Amex

    Information Security Specialist-identity Control

    1 week ago

    Amex Phoenix, United States

    **You Lead the Way. We've Got Your Back.** · With the right backing, people and businesses have the power to progress in incredible ways. When you join Team Amex, you become part of a global and diverse community of colleagues with an unwavering commitment to back our customers, ...

  • General Dynamics Mission Systems

    Information Assurance Security Professional

    2 weeks ago

    General Dynamics Mission Systems Tempe, United States

    Bachelors degree in a related specialized area or equivalent is required plus a minimum of 5 years of relevant experience; or Master's degree plus a minimum of 3 years of relevant experience. CLEARANCE REQUIREMENTS: Department of Defense TS/SCI with Polygraph security clearance i ...

  • Maricopa Community College District

    Information Security Officer Sr

    2 weeks ago

    Maricopa Community College District Tempe, United States

    · Information Security Officer Sr (2 openings) · Job ID: · Location: District Support Services Cntr · Full/Part Time: Full Time · Regular/Temporary: Regular · Salary Range · $99, $129,440.00/annually, DOE · Grade · 124 · Work Schedule · Monday - Friday, 8am - 5pm · Summe ...

  • Maricopa Community College district

    Information Security Officer Sr

    3 weeks ago

    Maricopa Community College district Tempe, United States

    Information Security Officer Sr (2 openings) · Job ID: · 319604 · Location: · District Support Services Cntr · Full/Part Time: · Full Time · Regular/Temporary: · Regular · Salary Range · $99, $129,440.00/annually, DOE · Grade · 124 · Work Schedule · Monday - Friday, 8a ...