Security Engineer II

About Tekion:

Positively disrupting an industry that has not seen any innovation in over 50 years, Tekion has challenged the paradigm with the first and fastest cloud-native automotive platform that includes the revolutionary Automotive Retail Cloud (ARC) for retailers, Automotive Enterprise Cloud (AEC) for manufacturers and other large automotive enterprises and Automotive Partner Cloud (APC) for technology and industry partners. Tekion connects the entire spectrum of the automotive retail ecosystem through one seamless platform. The transformative platform uses cutting-edge technology, big data, machine learning, and AI to seamlessly bring together OEMs, retailers/dealers and consumers. With its highly configurable integration and greater customer engagement capabilities, Tekion is enabling the best automotive retail experiences ever. Tekion employs close to 3,000 people across North America, Asia and Europe.

As a part of the world-class engineering team, that is focused on solving some unique problems in the space (and one that has been delivering to commitments, as per our customer testimonials) we are expanding our product security team at Tekion. Our dev teams work at the most bleeding-edge tech stacks & on a variety of them. The pace at which things change makes it all the more challenging to solve the related security problems. To cherry the cake, we believe in guardrails over roadblocks as part of our tech culture at Tekion. This means that devs have the freedom to experiment & play with their tech, while we still ensure security remains paramount. To achieve the same we are in the process of expanding our product security vertical that aims at multiple endeavors including VA/PT of our products & infrastructure, dev-sec-ops practices & tooling implementation, tooling (OSS - huge fan, commercial, in-house built), processes improvements, enhancing our infrastructure security posture at scale, web & mobile application security at scale, IoT security, etc. The aim would always be to try shifting left as much as possible & to be innovative with implementing solutions at scale. And of course, to have fun while we do this.

What we are looking for?
Candidates with an overall of 4-6 years of product security experience.

What will you be required to do?
We value an open culture & appreciate people from varied security backgrounds and hence we are most willing to work with folks better than us, who can superman their way through at least (;)) 8 of the below.

Required Skills:
• Empathize with developers in a fast-paced dev culture.
• Understand information security concepts & be able to educate about the same to stakeholders.
• Find cool bugs in web/mobile/IoT applications/systems, REST APIs, & be able to spin up quick scripts to find the less cool ones.
• To whom jargon like DFDs, screen flows, app architecture, secure SDLC, CI/CD pipelines, IAC, lambdas, list comprehensions, IAM, cloud storage, ring a bell.
• Who understands finding the right balance between pursuing a bug to closure & letting the business take precedence.
• Can research & is solution-oriented than problem-oriented.
• You are comfortable working with others who may challenge your views.
• Enjoy solving challenging problems, finds hacking interesting and fun.
• Most importantly can get the job done, while still having fun.

Tekion is proud to be an Equal Employment Opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, victim of violence or having a family member who is a victim of violence, the intersectionality of two or more protected categories, or other applicable legally protected characteristics. 

For more information on our privacy practices, please refer to our Applicant Privacy Notice here.