15 days old

Lead Security Engineer

Cox Automotive
Atlanta, GA 30303
Apply Now
Apply on the Company Site
*Primary Location: *3003 Summit Blvd, Atlanta, GA, USA
*Division: *Cox Automotive
*Job Level: *Individual Contributor
*Travel: *No
*Schedule: *Full-time
*Shift: *Day Job
*Requisition Number: *202102341
*Job Summary:*


Due to current COVID-19 restrictions, this is a temporary work from home role but will ultimately work in the Cox Automotive offices in Atlanta, Georgia.


The *Lead Information Security Engineer* will be responsibile for all aspects of security testing to protect the organization from cyber threats; as well as for leading the application security initiatives in implementations / expansion / automation fo our DevSecOps program for continious testing as part of the SDLC. The lead will funcation as the point of contact for inquires related to trouble shooting implementation issues and vulnerabilities remediation. They will work in close partnership with senior business and technology leaders, application development team members, and engineering teams on implementing risk remediation and mitigation initiatives aligned with internal security policies.


*Primary Responsibilities:*




* Leading Application Security efforts (SAST & DAST) to ensure a secure SDLC in large scale environments.

* Securing applications in Cloud environments (AWS/Azure)

* Assist with remediation of vulnerabilities and potential issues found during penetration tests.

* Promote application security through the implementation of the DevSecOps program.

* Ability to work with APIs and Plugins to integrate AppSec tools into established CI/CD pipelines.

* Able to manually test, validate and articulate all vulnerabilities identified.

* Performs expert threat modeling to identify all possible attack vectors.

* Ability to create POCs to demonstrate vulnerability severity and potential impact.

* Review and analyze vulnerability data to identify security risks to the organizations network, infrastructure, and applications.

* Determine vulnerabilities that are false positives through code review and manual validation.

* Interpret the risk of vulnerabilities and communicate business impact and remediation actions to the technical teams and business leaders.

* Prepare security vulnerability and risk management reports for management.

* Coordinate remediation of vulnerabilities within established timeframes.

* Programing/Scripting experience highly desired.

* Understands and can articulate cyber security risks and appropriate controls to all levels of the organization.

* Implements automation by scripting and APIs to integrating security products.

* Performs testing of cyber security controls to ensure effectiveness against the latest threats.

* Support the development and deployment of innovative security solutions to safeguard assets, in the cloud and our data centers, while enabling the business.

* Proactively identify, evaluate, and assist in the mitigation of cybersecurity risks aligned with the organizations risk posture as well as business and operational objectives across an international footprint.

* Work closely with business, product, and technology teams to understand business objectives, initiatives, and ensure alignment with cybersecurity objectives and requirements.

* Review and analyze vulnerability data to identify security risks to the organizations network, infrastructure, and applications.

* Engage with the Cybersecurity, Security Awareness & Education, and Business Information Security teams to assist in effectively driving program maturity and mitigation of cybersecurity risks.

* Stay abreast of relevant international security regulations, laws, and technologies across and adjusting programs and processes as required.


Qualifications:

* Bachelors degree in Information Security, Computer Science, or equivalent combination of industry related professional experience and education.

* 7 + years experience in IT Security, Risk and/or Compliance or equivalent.

* 2- 5 years experience in a Pen-Testing role

* Strong experience in AWS and Azure

* Excellent organizational, project management, and follow-up skills.

* Excellent communication, presentation, and reporting skills

* One or more of GSEC, GCIA, GCIH, GFE, GCFA, CISA, CISSP, CISM, or CIA certification(s)

* Network / System Administration experience

* Experience with scripting / automation / programming languages.

* Experience with Veracode, HP WebInspect, Qualys, Nessus, Splunk, ZAP, Burp Suite, Kali Linux, AWS.

* Ability to work in a fast-paced and dynamic environment

* Ability to work in a team and independently to fix issues with little or no supervision

* Excellent organizational, project management and follow-up skills

* Ability to build effective working relationships at all levels of the organization

* Excellent communication skills



Who We Are
*About Cox Automotive*
Theres nothing ordinary about Cox Automotive. We are people of every background driven by our passion for mobility, innovation, client success and community outreach. We make buying, selling and owning (or simply using) cars easier for everyone. Touching more than 40,000 clients across five continents, we bring together the best brands and the best teams to propel the automotive industry forward. Some of those team members work for our iconic consumer brands like Autotrader and Kelley Blue Book, while others are creating the future of automotive at industry-facing brands like Dealer.com, Manheim and vAuto.

*About Cox *
We are the Cox family of businesses. Weve been making our mark since 1898 by building and evolving world-class businesses, staying true to our values, and encouraging top talent to always look for growth and impact while building a career with us. Our primary divisions - Cox Communications and Cox Automotive - are driving a new wave of innovation, powering smart cities with powerhouse broadband communications and pioneering greener, more progressive transportation alternatives for individuals and fleet operators. Were also expanding into new spaces like cleantech and healthcare to rev up our momentum toward building a better future for the next generation. Were looking for the talent today who will be our leaders tomorrow. Sound intriguing? Learn more about where we are today, where we hope youll be going with us, and the common purpose that unites us at coxenterprises.com.
Benefits of working at Cox may include health care insurance (medical, dental, vision), retirement planning (401(k)), and paid days off (sick leave, parental leave, flexible vacation/wellness days, and/or PTO). For more details on what benefits you may be offered, [visit our benefits page](http://jobs.coxenterprises.com/life-at-cox/benefits/).
Cox is an Equal Employment Opportunity employer - All qualified applicants/employees will receive consideration for employment without regard to that individuals age, race, color, religion or creed, national origin or ancestry, sex (including pregnancy), sexual orientation, gender, gender identity, physical or mental disability, veteran status, genetic information, ethnicity, citizenship, or any other characteristic protected by law.
Statement to ALL Third-Party Agencies and Similar Organizations: Cox accepts resumes only from agencies with which we formally engage their services. Please do not forward resumes to our applicant tracking system, Cox employees, Cox hiring manager, or send to any Cox facility. Cox is not responsible for any fees or charges associated with unsolicited resumes.
Posted: 2021-06-04 Expires: 2021-07-19
Sponsored by:
ADP Logo

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Lead Security Engineer

Cox Automotive
Atlanta, GA 30303

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast