Sr. Security Applications Engineer

Senior Applications Security Engineer

About AutoFi:

Founded in 2015, AutoFi is an e-commerce software platform that connects an auto dealer’s customers to a network of lenders, allowing car buyers to purchase and finance a car entirely online. Our mission is to become the industry standard checkout experience for all online vehicle transactions. We are well-funded and backed by investors including Crosslink Capital, Ford, BMW iVentures and Mouro Capital.

Our team is diverse - spread out across the U.S. and Canada, we have backgrounds from finance and technology as well as deep experience in all areas of the auto space. We’re empathetic, gritty, curious, and humble owners of this business and are supported by some of the biggest names in the auto and financial industries as commercial partners.

We’ve never been more excited about the opportunity in front of us to help transition the auto industry from offline to online. If changing a trillion-dollar industry sounds exciting, we’d love to hear from you. Read more about us at www.autofi.com{: .postings-link}.

About the Role:

AutoFi is looking for a passionate and driven Senior Application Security Engineer.  You will work closely with development teams, product managers, and third-party groups to ensure AutoFi’s products & services are secure.

Responsibilities

●       Design and implement application security practices and standards

●       Develop tooling and automation to facilitate continuous testing

●       Lead application security reviews and threat modeling, including code review and dynamic testing

●       Educate the product delivery organization on security best practices and standards.

●       Develop security libraries and implement security bug fixes

●       Work with AutoFi’s security vendors to perform external penetration tests and build the company’s bug bounty program

Required Qualifications

●       6+ years of relevant, post-academic Software engineering experience with at least 2 years spent in an application security role.

●       Familiarity with common security libraries, security controls, and common security flaws.

●       Understanding of network and web related protocols

●       Experience with static & dynamic analysis, security code reviews, and application security frameworks (e.g. OWASP)

●       Industry experience building data-driven applications with Javascript, Node.js{: .postings-link}, MongoDB, Redis, Docker, or equivalent.

●       Comfortable in a fast-paced start-up environment.

Preferred Qualifications

●       Degree in computer science, cybersecurity, or related field

●       Understanding of data encryption and key management

●       Application security certification (e.g. CEH).

●       Prior Automotive or Fin Tech experience

AutoFi is an equal opportunity employer. Individuals seeking employment are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, sexual orientation, gender identity or other protected status under all applicable laws, regulations, and ordinances.

#LI-REMOTE