Senior Application Security Engineer

Description

Join Team CARFAX as a Senior Application Security Engineer

Isn't it time you bragged about where you work? At CARFAX, we do, every day. We pride ourselves on being mission-focused on helping to grow a brand built on accuracy and integrity. We care deeply about our products and our customers. We're more than just a company : We help millions of consumers make more informed decisions every day. We know that our teammates are our most valuable asset, and we value a balanced life while tackling challenging projects in a fast-paced environment.

We are seeking a highly skilled and motivated Senior Application Security Engineer to join our dynamic Information Security team. The ideal candidate will be responsible for ensuring the security of our applications by identifying, evaluating, and mitigating security vulnerabilities, as well as implementing best practices and security standards. This role offers an exciting opportunity to work with a diverse set of applications and technologies in a fast-paced and innovative environment.

At CARFAX, we believe in the power of teamwork and value in-person interactions so that we can collaborate and thrive together. This position will require 3 days per week in our Columbia, MO office subject to change with future business needs.

What you'll be doing :

• Conduct manual and automated security assessments of web, mobile, and cloud-based applications.
• Implement and maintain application security testing tools (SAST, DAST, and IAST) and coordinate related vulnerability remediation activities.
• Conduct & coordinate both internal and 3rd party penetration testing engagements.
• Collaborate with development, DevOps, and infrastructure teams to integrate security practices into the Software Development Lifecycle (SDLC).
• Prepare and present security reports to management, highlighting key metrics, risks, and mitigation strategies.
• Identify and prioritize potential application security threats through the use of modeling and risk assessments.
• Assist with the detection, triage, and response to security incidents, while conducting root cause analysis and post-incident reviews to improve security posture.
• Develop and deliver security training and awareness programs for developers, QA, and other relevant teams.
• Design, deploy, and maintain security solutions such as Endpoint Detection and Response (EDR), data-loss prevention (DLP), web application firewalls (WAF), zero-trust, and other security detection / prevention technologies.
• Stay updated with the latest security trends, threats, and technology developments.
• Evaluate new security tools and technologies to enhance the security posture of our applications.

What we're looking for :

What's in it for you :

Don't just take our word for it :

About CARFAX

CARFAX, part of S&P Global Mobility, helps millions of people every day confidently shop, buy, service and sell used cars with innovative solutions powered by CARFAX vehicle history information. The expert in vehicle history since 1984, CARFAX provides exclusive services like CARFAX Used Car Listings, CARFAX Car Care, CARFAX History-Based Value and the flagship CARFAX® Vehicle History Report™ to consumers and the automotive industry. CARFAX owns the world's largest vehicle history database and is nationally recognized as a top workplace by The Washington Post and Glassdoor.com. Shop, Buy, Service, Sell - Show me the CARFAX™. S&P Global Mobility is a division of S&P Global (NYSE : SPGI). S&P Global is the world's foremost provider of credit ratings, benchmarks, analytics and workflow solutions in the global capital, commodity and automotive markets.

CARFAX is an Affirmative Action / Equal Opportunity Employer. It is the policy of CARFAX to provide equal employment opportunity to all persons regardless of race, color, sex, pregnancy, religion, national origin, age, ancestry, citizenship status, veteran status, military status, disability or handicap, sexual orientation, genetic information or any other status protected by federal, state or local law. In addition, CARFAX will provide reasonable accommodations for qualified individuals with disabilities. We maintain a drug-free workplace. We are a participant in E-Verify.