[Remote] Senior Engineer, Security Operations
Note: The job is a remote job and is open to candidates in USA. ACV Auctions is a technology company revolutionizing the automotive industry by providing innovative solutions for buying and selling cars online. The Senior Engineer, Security Operations will be responsible for maturing the Security Operations program and ensuring the overall security posture of the organization by leading threat hunting and incident response efforts.ResponsibilitiesLead proactive, hypothesis-driven threat hunting across endpoint, cloud, and identity environmentsDevelop and refine detection logic, correlation rules, and behavioral analytics within SIEM and EDR platformsMap adversary tactics, techniques, and procedures (TTPs) to MITRE ATT&CK to improve detection coverageAnalyze threat intelligence and emerging attack patterns to strengthen defensesLead and scale cybersecurity operations across enterprise or multi-tenant environmentsOversee incident triage, investigation, containment, and remediationAct as escalation point for high-severity incidentsImprove alert fidelity and reduce false positives through tuning and automationMature the alert and incident management tracking systemsStandardize workflows and playbooks to ensure operational consistencyDesign and implement incident response frameworks and playbooksLead response efforts for advanced threats across environments supporting up to large user basesConduct root cause analysis and post-incident reviewsAutomate response actions to reduce mean time to detect/respond (MTTD/MTTR)Secure multi-cloud environments (AWS, GCP) through posture management and configuration monitoringDetection of Zero Trust principles and violations across identity and access management systemsStrengthen controls within platforms such as, CASB and DLP solutionsAutomate workflows and security operations processes for tracking the remediations actioned against the environmentIntegrate tooling and orchestrate response using SOAR or similar platformsContinuously improve detection capabilities and operational efficiencyDeliver AI enabled automations and tooling for the ACV Security Operations CenterDeliver executive-level reporting (MBRs/QBRs) on security posture, threats, and riskTranslate technical findings into business-relevant insights to present to external stakeholdersCollaborate cross-functionally with IT, engineering, and leadership teamsPerform additional duties as assignedSkills8+ years' experienceMinimum of a 4 year Bachelor's degreeStrong understanding of security frameworks and best practices (NIST CSF, ISO 27001, CIS Controls)Extensive experience with cloud security, with a strong focus on securing applications deployed in AWS and/or GCP environmentsExperience with Fintech companies is desirableExperience with modern software development including Agentic and Generative AI techniquesFamiliarity with adversarial AI/ML techniques and their protections, such as Interference attacks and others in the MITRE ATLAS frameworkExcellent communication, interpersonal, and leadership skills, with an ability to translate complex technical risks into business context for executive leadership and stakeholdersAbility to work effectively in a remote environment and manage geographically dispersed teamsExcellent communication, interpersonal and leadership skills, with the ability to interact with staff at all levelsKnowledge of CASB, DLP and SASE technologiesProven ability to be agile and work effectively in a dynamic environmentDemonstrated ability to perform under pressure and respond rapidly to emerging incidents and situationsExcellent coordination, project management, and organization skills and comfortable with multi-tasking in a high-energy environmentShould be a creative and analytical problem solver with a passion to provide excellent customer servicePractical hands-on experience engineering and implementing data security controls in cloud environments including databases, datastores and SaaS platformsLinux and Kubernetes/Container management and securityDevOps code based implementation and managementKnowledge of AWS including but not limited to S3, Lambda, RDS, EC2 and AWS Security CenterUnderstanding of TCP/IP Networking including knowledge of Protocols and ServicesUnderstanding of what Information or Assets are of value to Threat Actors and how Organizations are Breached and Customer Accounts CompromisedOverall understanding of the Security domain, compliance, business, risk, ops etc ALONG with its application to the businessBenefitsMultiple medical plans including a high deductible, low cost health planCompany-sponsored (paid) Short-Term Disability, Long-Term Disability, and Life InsuranceComprehensive optional benefits such as Dental, Vision, Supplemental Life/AD&D, Legal/ID Protection, and Accident and Critical Illness InsuranceGenerous paid time off options, including uncapped vacation days, the greater of 3 paid sick days or in accordance with the applicable state or local paid sick leave law, 6 paid company holidays, 2 floating holidays, parental leave, bereavement leave, jury duty leave, voting leave, and other forms of paid leave as required by applicable law or regulationEmployee Stock Purchase Program with additional opportunities to earn stock in the CompanyRetirement planning through the Company’s 401(k)Company OverviewACV is a high growth technology company that provides a vibrant digital marketplace for wholesale vehicle transactions and data services. It was founded in 2014, and is headquartered in Buffalo, New York, USA, with a workforce of 1001-5000 employees. Its website is https://www.acvauctions.com/.