Security Director
At Edmunds we’re driven to make car buying easier. Ever since we began publishing printed car guides in the 60’s, the company has been in the business of trust, innovating ways to empower and support car shoppers. When Edmunds launched the car industry’s first Internet site in 1994, we established a leadership position online and have never looked back. Now, as one of the most trusted review sites on the Internet, millions of visitors use our research, shopping and buying tools every month to make an easy and informed decision on their next car. For consumers, we bring peace of mind. For dealers, we make tools to help them solve their problems and sell more cars. How do we do it, you ask? The key ingredients are our enthusiastic employees, progressive company culture and cutting-edge technology. Want to join the team? Read on to find out how!
What You’re Applying For:
As a Security Director, you will implement and support our information security practices within our operational infrastructure. The Security Engineer is responsible for ensuring that Edmunds` infrastructure has sufficient protections from security-based threats
What You’ll Do:
- Directly support compliance efforts with established security, confidentiality and privacy standards (e.g. PII, PCI, GLBA, NIST, OWASP, etc)
- Maintain responsibility for operational security practices through the identification and evaluation of security protection measures and controls around our technical operations infrastructure
- Conduct regular vulnerability assessments as well as penetration tests to discover weaknesses in system infrastructure and company practices
- Manage and implement security infrastructure including automated vulnerability assessment tools, Intrusion Detection Systems (office and cloud), and static/dynamic code analysis tools
- Provide timely response to suspected incidents, performing root cause analysis, documenting results, and working with staff to implement necessary remediations
- Ensure that production systems are patched against current known vulnerabilities
What You Need:
- 2-4 years of relevant experience, ideally in a similar environment
- Effective in a fast-paced environment with important deadlines
- Direct experience with intrusion detection, firewalls, and content filtering
- Familiarity with the security concerns of web applications and cloud environments
- Familiarity with designing secure networks, systems, and application architectures
- Experience planning, researching, and developing security policies, standards and procedures
- Ability to clearly and concisely explain security concepts and concerns
What our Technology stack looks like:
- Amazon Web Services, Google Cloud Platform, CDNs, Docker, Serverless, APMs
- MongoDB, Redis, DynamoDB, ActiveMQ, Nginx, Apache, Tomcat
- Java, NodeJS, Python, React, Go, Bash
Challenges:
- Agile and fast-paced environment where priorities may change
- Quickly getting up to speed and understanding Edmunds` technology stack
- Managing and administering legacy systems
Working @ Edmunds.com:
Employees think it’s a pretty great place to work and some pretty impressive publications think it is too: we have been recognized as one of the best places to work by the Fortune Magazine and Great Places to Work, LA Business Journal (for the last 6 years!), Computerworld, and Built in LA. We've also been identified as one of the best workplaces specifically in Technology and also for Diversity and Asian Americans. In fact, our CEO, Avi Steinlauf, was rated as one of Glassdoor's Highest Rated CEOs! If you’re interested in learning more and joining our mission, we’d love to hear from you!
Edmunds will consider for employment qualified candidates with criminal histories in a manner consistent with the requirements of all applicable laws.
*LI-POST