We’re AutoGravity

AutoGravity is auto financing in the palm of your hand.  We are re-imagining auto finance and building a digital platform that brings transparency and simplicity, putting consumers in control of their car buying experience.  In the process, we are improving the lives of shoppers, dealers, and lenders along the way.  We are well-funded and headquartered in beautiful Irvine, California.  We have an incredible team of auto finance experts, startup veterans, and product gurus. 

All we need now is you.

Introducing our Engineering team

Our engineering team builds elegant and scalable solutions for auto financing problems, delivering delightful experiences to our end-users.  We are the technical heart of AutoGravity and maintain a strong engineering culture that emphasizes innovation, growth, and development.

As a Sr. Security Engineer, you will play a major role in the developing our core back-end infrastructure and building integrations with out platform partners. More specifically, you will:

  • Build, implement and monitor security measures for the protection of AutoGravity products; set security requirements, design, and architecture based on threat models, testing results, attacker perspectives and data flow
  • Identify and define system security requirements
  • Design computer security architecture and develop detailed cyber security designs for your projects
  • Prepare and document standard operating procedures and protocols
  • Generate comprehensive reports which include assessment-based findings, outcomes and propositions for future system security enhancement
  • Improve our code quality through writing unit tests, automation and performing code reviews
  • Share technical solutions and product ideas through design review, pair programming, and technological discussions to ensure that AutoGravity knows as much as possible, as quickly as possible about security incidents
  • Work seamlessly in an agile environment with product managers, BAs, and designers to understand end-user requirements
  • Develop technical solutions and new security tools to help mitigate security vulneralibilities and uatomate repeatable tasks
  • Troubleshoot and configure security infrastructure devices
  • Pitch in and support other functions (e.g. product) as needed 

As a Sr. Security Engineer, you will need:

  • 5+ years of proven experience as as system security engineer or information security engineer with a focus on applications in highly regulated financial applications
  • 2+ years of experience in AWS services (CodeDeploy, CodePipeline, CloudFormation, EC2, etc.). Comprehensive understanding of the latest security principals, techniques and protocols within AWS. Practical knowledge of networking for cloud-based internet application (load balancing, reverse proxies, DNS, CDN’s, firewalls, security applications)
  • Expereince in performing software security assesments including vulnerability assesments, pen tests, and secured code reviews. Experience in analysis and forensics for security incidents and fraud
  • Practiced experience with security assessment technologies and their field of use
  • Track record of architecting and maintaining complex, highly scalable and secure systems
  • Hands-on experience in working with security systems including firewalls, intruision dection systems, anti-virus software, authentication systems, log management and content filtering etc.
  • Experience with network security and networking technologies with system, security and networking monitoring tools
  • Comprehensive understanding of the latest security principals, techniques and protocols
  • Deep knowledge of security concepts such as (cloud) Authentication, Authorization, web attacks (DDOS, SQL injections, person-in-the-middle, etc), securing web application, payload encryption & decryption, environment security, etc.
  • Excellent problem solving skills and the ability to work under pressure
  • Practiced experience with security assessment technologies and their field of use
  • Demonstrated proficiency with developed framework languages (Java, C/C++ or C#)
  • Deep knowledge of security concepts such as (cloud) Authentication, Authorization, web attacks (ddos, sql injections, person-in-the-middle, etc), securing web application, payload encryption & decryption, environment security, etc.
  • Experience working in an agile development environment and conducting secure code reviews as well as continuous security testing
  • Deep knowledge of the basics:
    • Open Source Frameworks: Spring Boot, Hibernate, etc.
    • Databases like MySQL or Mongo DB or Cassandra
    • Messaging Services Like Rabbit MQ or Active M​Q
    • Java, SQL, NoSQL
    • Continuous integration/deployment, performance/function testing, middleware ESB
  • (Required) Bachelor's or graduate degree in computer science or related field
  • (Preferred) security certification such as CISA, GCIA, GSEC, CISSP-ISSAP, CISSP-ISSEP, CISSP-ISSMP
  • (Preferred) Experience in auto and/or finance industry

Please note this position is not restricted solely to the responsibilities listed above and that the job scope and responsibilities are subject to change. 

To learn more and apply visit us at www.autogravity.com/careers 

Agency submissions are not permitted, with the exception of vendors that have been explicitly approved by AutoGravity. Interviews will take place after resumes have been screened. Please note this position is not restricted solely to the responsibilities listed above and that the job scope and responsibilities are subject to change. Interested applicants may apply through the website at www.autogravity.com/careers

AutoGravity is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under federal, state or local law, where applicable. 

Apply for this Job
* Required
File   X
File   X


Share this job: