Senior Security Engineer (DevSecOps)
Description:
Job Description
About Carvana"We believe CVNA is in the early stages of becoming the next U.S. retail category killer." – Stephens Investment Bank, Analyst Report, Sept. 2024
Building leading-edge technology has been at the core of Carvana's strategy since our founding, driving us to become the 3rd fastest company in history to organically reach the Fortune 500 following only Amazon and Google. Today, we remain founder-lead and as ambitious as ever. In 2024, we have not only emerged as the fastest growing automotive retailer, but also the most profitable thanks to our deep vertical integration across retail, lending, vehicle transportation, wholesale auctions, and more. If you want to grow not just as an Engineer but as a leader and business-builder, Carvana is the place for you. Our technology teams build:
End-to-end ecommerce for both selling and buying cars, including everything you see on Carvana.com and in our mobile apps.
AI-driven customer support across chat, email, SMS, and voice, as well as a proprietary CRM platform to ensure the most efficient and highest quality customer experience.
360 ree; vehicle photography and interactive merchandising using cutting edge computer vision and AI techniques.
The most sophisticated and self-service automotive lending platform in the world.
Systems and tools behind a nationwide logistics network that has delivered and picked up over 3 million cars via our fully owned and operated fleet of automotive haulers, efficiently managing distribution of our massive inventory to 85% of US driveways.
Enterprise grade systems for operating the largest vehicle reconditioning facilities in the US, with workflow and automation to guide the work for everything mechanical, electrical, and cosmetic needed to bring each car to our high standards.
Early adoption and customization of AI tools for optimizing our Developer efficiency and experience.
And much, much more…THIS IS A 100% ON-SITE POSITION FROM OUR HQ IN TEMPE (Monday through Friday)About the team and position:
Carvana's DevSecOps team builds and supports the greatest things you'd find in and around Carvana.com! This role ensures that our applications, services, and websites are designed and implemented with security by design, while also fortifying our security infrastructure. You will be responsible for discovering and addressing security risks, issues, and threats across the entire development lifecycle. This includes building security automation to enable secure development practices, evangelizing security with our engineering teams, and working closely with our Principal C# Engineer and Senior DevSecOps Engineer to fortify our Identity Provider (IdP) systems, manage edge security processes, and ensure the integrity of our microservices architecture.What you'll be doing...
Collaborate with infosec, appsec, engineering teams, product managers, and other stakeholders to solve complex auth and security challenges.
Design, develop and deploy solutions to ensure that data, users' identities, and authentication processes are secure and compliant with industry standards.
Work with cloud systems, pipelines, and resources.
Learn and implement the evolving security &
authentication standards, technologies, approaches, and participate in bringing software engineering in Carvana to the next level.What you should know...
At least 6 years of software development, with consistently advancing skills and responsibilities
Experience with microservice driven web application development
Deep understanding of .NET Core and C#
Expert level knowledge of identity solutions and related integrations such as Okta, Auth0, and similar IdP platforms.
Expert level knowledge of authentication and authorization standards, protocols, and frameworks such as OpenID, OAuth2, SAML, JWT, X.509, MTLS, DPoP and key related security concepts such as MFA.
Strong level experience integrating applications with IdP providers for SSO.
Experience implementing RBAC and ABAC models.
Experience developing federations, integrations or customizations of the identity platforms needed to meet the business objectives.
Experience conducting threat modeling and risk assessments of access systems, demonstrating clear ability to identify design flaws.
Good communication and collaboration skills - Carvana developers work very closely with strong supporting teams and require great interpersonal skills including a positive attitude and sense of humorIt would also be great if you had...
Experience working in a cloud-based software development environment, preferably with Azure
Experience in container-oriented architecture using Docker and Kubernetes
Experience with reverse proxies such as Nginx, etc.
Understanding of DevOps best practices and principlesWhat we'll offer in return
Be part of a forward-thinking team that values innovation and collaboration.
Opportunity to work on cutting-edge technology solutions.
Comprehensive compensation package including competitive salary, 401K with company match, a wide range of perks (such as student loan payments and vehicle discounts), and a robust wellness program.
Extensive professional development opportunities including training.
Scholarships and discounts for ASU Online.
Culture of internal promotions in a dynamic, rapidly growing company.Legal Stuff
Hiring is contingent on passing a complete background check. This role is not eligible for visa sponsorship.
Carvana is an equal employment opportunity employer. All applicants receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, marital status, national origin, age, mental or physical disability, protected veteran status, or genetic information, or any other basis protected by applicable law. Carvana also prohibits harassment of applicants or employees based on any of these protected categories.
Please note this job description is not designed to contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.
Full-time