ACV’s mission is to build and enable the most trusted and efficient digital marketplaces for buying and selling used vehicles with transparency and comprehensive data that was previously unimaginable. We are powered by a combination of the world’s best people and the industry’s best technology. At ACV, we are driven by an entrepreneurial spirit and rewarded with a work environment that enables each Teammate to impact the company from day one. ACV’s network of brands includes ACV Auctions, ACV Transportation and ACV Capital within its Marketplace Products as well as True360 and Data Services.
What you will do:
ACV Auctions is looking for a Cybersecurity Architect. The Cybersecurity Architect is someone who has a passion for building and managing Security Designs, Standards, Infrastructure and Business Processes. In this role, the Cybersecurity Architect will work closely with key stakeholders to review, recommend and implement best practices on data security, network security, cloud and application architecture. The Cybersecurity Architect should be hands-on in designing and implementing our architecture. This is a highly technical role that performs architecture, design, and engineering tasks of various complexities.
- Collaborate with and drive Technology Leadership to develop and drive roadmaps, and implement enterprise wide product and technology initiatives securely
- Collaborate with Strategic Business Leadership to develop and document Enterprise Risk Management practices and programs
- Establish a model of security for the cloud resources that support the ACV Platform (This includes the AWS and GCP along with nodes that host kubernetes clusters and other 3rd Party partners)
- Develop, implement and manage security standards, plans/roadmaps and operational processes
- Manage security alerts and provide incident response support services.
- Able to deploy and manage infrastructure and applications via code, CI/CD pipeline and Kubernetes
- Identify security design gaps in existing and proposed architectures and recommend changes or enhancements.
- Contribute to the development, improvement and operational management of Security Operations, monitoring and incident response practices, processes and solutions
- Design, deliver architecture guidance, lead proof-of-concept projects and adapt the Company’s network and cloud security infrastructure that are responsive to changes in regulations and risk
- Participate in 3rd party risk review and the security exception review process
- Align standards, frameworks and security with overall business and technology strategy
What you will need:
- Degree from an accredited College or University in Computer Science, Information Systems, Engineering or a related major OR equivalent work experience.
- Strong understanding of contemporary/advanced cloud and web-application development or source code review experience
- Knowledge of best security & architecture practices for securing the AWS (&GCP) platform and resources such as RDS, EC2, S3, etc.
- A background in general security capabilities such as identity and access management (IAM), encryption, multi-factor authentication, security information and event management (SIEM), and supporting technologies.
- Demonstrate experience and knowledge involving the development of multi-tier and cross-platform architecture plans to include enterprise workflows, and distributed intranet/internet architecture
- Experience and understanding of Infrastructure as Code, Automation, and Orchestration
- Development and/or architecture familiarity with modern mobile applications, specifically iOS and Android.
- Experience developing custom scripts or tools
- Experience working with vendors and managing PoC's
- Linux and Kubernetes/Container management and security
- Windows and Networking experience (Negligible)
- Excellent communication, interpersonal and leadership skills, with the ability to interact with staff at all levels.
- Proven ability to be agile and work effectively in a dynamic environment.
- Demonstrated ability to perform under pressure and respond rapidly to emerging incidents and situations.
- Excellent coordination, project management, and organization skills and comfortable with multi-tasking in a high-energy environment.
- Should be a creative and analytical problem solver with a passion to provide excellent customer service.
- Understanding of TCP/IP Networking including knowledge of Protocols and Services.
- Understanding what Information or assets are of value to threat actors and how organizations are breached and customer accounts compromised.
- Overall understanding of the Security domain, Compliance, Business, Risk, Ops etc ALONG with its application to the business.
What we offer:
- Comprehensive benefits offerings for benefits eligible Teammates.
- Unique culture that truly values each and every Teammate.
- Career development and Future Growth Opportunities.
At ACV, we are committed to an inclusive culture in which every individual is welcomed and empowered to celebrate their true selves. We achieve this by fostering a work environment of acceptance and understanding that is free from discrimination. ACV is committed to being an equal opportunity employer regardless of sex, race, creed, color, religion, marital status, national origin, age, pregnancy, sexual orientation, gender, gender identity, gender expression, genetic information, disability, military status, status as a veteran, or any other protected characteristic We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you have a disability or special need that requires accommodation, please let us know.