Security Engineer II

About Tekion:

Positively disrupting an industry that has not seen any innovation in over 50 years, Tekion has challenged the paradigm with the first and fastest cloud-native automotive platform that includes the revolutionary Automotive Retail Cloud (ARC) for retailers, Automotive Enterprise Cloud (AEC) for manufacturers and other large automotive enterprises and Automotive Partner Cloud (APC) for technology and industry partners. Tekion connects the entire spectrum of the automotive retail ecosystem through one seamless platform. The transformative platform uses cutting-edge technology, big data, machine learning, and AI to seamlessly bring together OEMs, retailers/dealers and consumers. With its highly configurable integration and greater customer engagement capabilities, Tekion is enabling the best automotive retail experiences ever. Tekion employs close to 3,000 people across North America, Asia and Europe.

Role Overview: As a Cloud Security Engineer, you will be responsible for designing and implementing security controls across our cloud platforms. You will work closely with development and operations teams to integrate security into our cloud architecture, ensuring data protection, threat detection, and compliance with industry standards.

Key Responsibilities: Cloud Security Architecture: Design and implement secure cloud architectures across multiple platforms (e.g., AWS, Azure, GCP). Define security frameworks and best practices to protect cloud resources and applications.

Risk Assessment and Compliance: Conduct comprehensive risk assessments of cloud services and applications. Ensure compliance with industry regulations (e.g., GDPR, HIPAA) and organizational security policies.

Identity and Access Management (IAM): Develop and enforce IAM policies, including role-based access control (RBAC) and least privilege principles. Implement identity federation, SSO, and multi-factor authentication (MFA) across cloud environments.

Threat Detection and Incident Response: Implement security monitoring solutions to detect threats and anomalous behavior within cloud environments. Develop incident response plans and playbooks specific to cloud incidents, ensuring rapid containment and remediation.

Automation and DevSecOps: Integrate security controls into CI/CD pipelines using Infrastructure as Code (IaC) practices. Automate security testing and compliance checks to ensure secure deployments.

Vulnerability Management: Conduct regular security assessments and vulnerability scans of cloud resources. Coordinate with development teams to prioritize and remediate identified vulnerabilities.

Security Awareness and Training: Develop training programs and workshops for engineering and operations teams to raise awareness of cloud security best practices and emerging threats.

Documentation and Reporting: Maintain up-to-date documentation of cloud security policies, procedures, and architecture diagrams. Generate regular reports for stakeholders detailing security posture, incidents, and compliance status.

Continuous Improvement: Stay informed about the latest cloud security trends, tools, and threat intelligence. Proactively recommend and implement improvements to cloud security strategies and practices.

Qualifications:

Experience: 3+ years of experience in cloud security engineering, with a focus on securing cloud environments and applications.

Technical Skills: Proficiency in cloud platforms (AWS, Azure, GCP) and their security services. Experience with security tools such as cloud access security brokers (CASB), SIEMs, and vulnerability scanners.

Knowledge of Security Frameworks: Familiarity with security frameworks and standards such as NIST, CIS, and ISO 27001.

Scripting and Automation: Experience with scripting languages (e.g., Python, Bash) and tools for automating security tasks and integrating security into DevOps workflows.

Certifications: Relevant cloud security certifications (e.g., CCSK, CCSP, AWS Certified Security – Specialty) are preferred.

Tekion is proud to be an Equal Employment Opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, victim of violence or having a family member who is a victim of violence, the intersectionality of two or more protected categories, or other applicable legally protected characteristics.

Tekion's Applicant and Candidate Privacy Notice (including Tekion's California Privacy Policy for California residents) can be found here.