Careers

Overview: We are seeking a highly motivated and experienced Threat Detection and Response (TDR) Engineer to build our Security Operations Center (SOC) and incident response capabilities. This is a critical leadership role responsible for protecting our SaaS platform, customer data, and the integrity of our wholesale automotive auction environment. You will be instrumental in establishing and maturing our security posture, driving automation, and ensuring the confidentiality, integrity, and availability of our systems and data, crucial for maintaining trust within the automotive wholesale marketplace. Responsibilities: Incident Response & Management: Lead all security investigations, incident coordination, and management related to security events. Develop, implement, and maintain a world-class Incident Response Policy, Process, and Procedure aligned with industry best practices (NIST, SANS) and relevant compliance requirements, specifically considering the sensitivity of financial transactions and vehicle data within the automotive wholesale space.SIEM Management: Design, implement, and maintain a robust Security Information and Event Monitoring (SIEM) system, integrating logs and events across our multi-tiered infrastructure. Develop and maintain a multi-year roadmap for SIEM enhancements and capabilities to proactively identify and respond to emerging threats.SOC Build & Operations: Oversee the complete build and ongoing operations of a follow-the-sun Security Operations Center (SOC) tailored to ACV Auctions’ specific requirements and risk profile. This includes managing alert prioritization, investigation, and escalation processes, while ensuring optimal performance and efficiency.SOAR Development & Automation: Lead the development and implementation of Security Orchestration, Automation, and Response (SOAR) workflows to automate repetitive tasks, improve response times, and enhance overall SOC efficiency. Identify, prioritize, and implement key automation opportunities on a regular basis.Detection & Response (TDR) Program: Develop and champion a comprehensive Detection and Response (TDR) program for the enterprise. Create and execute regular tabletop exercises and security testing activities to validate security controls, identify gaps, and improve security awareness across the organization, particularly around phishing and social engineering targeting our auction platform users.Security Brand & Leadership: Act as a security champion and mentor within the organization. Provide security operational leadership, proactively communicate security risks and best practices, and collaborate effectively with cross-functional teams (Engineering, Product, Operations, Compliance) to integrate security into all aspects of our business. "Sell" the importance of security throughout the organization and ensure buy-in from key stakeholders.Compliance & Risk Management: Stay abreast of relevant regulatory requirements (e.g., PCI DSS, GDPR, CCPA, data security standards specific to the automotive industry) and ensure our security practices align with these standards. contribute to risk assessments and mitigation efforts. Requirements: 8+ years’ experienceMinimum of a 4 year Bachelor’s degree,Ability to read, write, speak and understand English. Ability to read, write, speak and understand English. Excellent communication, interpersonal and leadership skills, with the ability to interact with staff at all levels. Knowledge of CASB, DLP and SASE technologies Proven ability to be agile and work effectively in a dynamic environment. Demonstrated ability to perform under pressure and respond rapidly to emerging incidents and situations. Excellent coordination, project management, and organization skills and comfortable with multi-tasking in a high-energy environment. Should be a creative and analytical problem solver with a passion to provide excellent customer service. Practical hands-on experience engineering and implementing data security controls in cloud environments including databases, datastores and SaaS platforms. Linux and Kubernetes/Container management and security DevOps code based implementation and management Knowledge of AWS including but not limited to S3, Lambda, RDS, EC2 and AWS Security Center Understanding of TCP/IP Networking including knowledge of Protocols and Services Understanding of what Information or Assets are of value to Threat Actors and how Organizations are Breached and Customer Accounts Compromised. Overall understanding of the Security domain, compliance, business, risk, ops etc ALONG with its application to the business. #LI-AM3