Tekion is expanding its product security team, focusing on solving unique security challenges in a fast-paced, bleeding-edge tech environment. The role involves VA/PT, Dev-Sec-Ops, tooling implementation, enhancing infrastructure security, and securing web, mobile, and IoT applications. The team values innovation, shifting left, and maintaining security while enabling developer freedom to experiment with technology.

Must Have

• Empathize with developers in a fast-paced environment.
• Educate stakeholders on information security concepts.
• Find bugs in web, mobile, IoT applications, and REST APIs.
• Develop scripts for security vulnerability detection.
• Familiarity with DFDs, app architecture, secure SDLC, CI/CD, IAC, IAM, cloud storage.
• Balance security closure with business priorities.
• Research and provide solution-oriented approaches.
• Collaborate effectively and challenge views constructively.
• Passion for solving challenging security problems.

Senior Security Engineer

About Tekion:

Positively disrupting an industry that has not seen any innovation in over 50 years, Tekion has challenged the paradigm with the first and fastest cloud-native automotive platform that includes the revolutionary Automotive Retail Cloud (ARC) for retailers, Automotive Enterprise Cloud (AEC) for manufacturers and other large automotive enterprises and Automotive Partner Cloud (APC) for technology and industry partners. Tekion connects the entire spectrum of the automotive retail ecosystem through one seamless platform. The transformative platform uses cutting-edge technology, big data, machine learning, and AI to seamlessly bring together OEMs, retailers/dealers and consumers. With its highly configurable integration and greater customer engagement capabilities, Tekion is enabling the best automotive retail experiences ever. Tekion employs close to 3,000 people across North America, Asia and Europe.

As a part of the world-class engineering team, that is focused on solving some unique problems in the space (and one that has been delivering to commitments, as per our customer testimonials) we are expanding our product security team. Our dev teams work at the most bleeding-edge tech stacks & on a variety of them. The pace at which things change makes it all the more challenging to solve the related security problems. To cherry the cake, we believe in guardrails over roadblocks as part of our tech culture. This means that devs have the freedom to experiment & play with their tech, while we still ensure security remains paramount.

To achieve the same, we are in the process of expanding our product security vertical that aims at multiple endeavors including VA/PT of our products & infrastructure, dev-sec-ops practices & tooling implementation, tooling (OSS - huge fan, commercial, in-house built), processes improvements, enhancing our infrastructure security posture at scale, web & mobile application security at scale, IoT security, etc. The aim would always be to try shifting left as much as possible & to be innovative with implementing solutions at scale. And of course, to have fun while we do this.

What are we looking for?

Candidates with an overall of 5 - 8 years of product security experience.

What will you be required to do?

We value an open culture & appreciate people from varied security backgrounds and hence we are most willing to work with folks better than us, who can superman their way through at least (;)) 8 of the below.

Required Skills:

• Empathize with developers in a fast-paced dev culture.
• Understand information security concepts & be able to educate about the same to stakeholders.
• Find cool bugs in web/mobile/IoT applications/systems, REST APIs, & be able to spin up quick scripts to find the less cool ones.
• To whom jargon like DFDs, screen flows, app architecture, secure SDLC, CI/CD pipelines, IAC, lambdas, list comprehensions, IAM, cloud storage, ring a bell.
• Who understands finding the right balance between pursuing a bug to closure & letting the business take precedence.
• Can research & is solution-oriented than problem-oriented.
• You are comfortable working with others who may challenge your views.
• Enjoy solving challenging problems, finds hacking interesting and fun.
• Most importantly can get the job done, while still having fun.

Tekion is proud to be an Equal Employment Opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, victim of violence or having a family member who is a victim of violence, the intersectionality of two or more protected categories, or other applicable legally protected characteristics.

For more information on our privacy practices, please refer to our Applicant Privacy Notice here.