CARFAX, Inc.
Senior Application Security Engineer
Columbia, MO
Nov 12, 2024
Full-time
Full Job Description

Join Team CARFAX as a Senior Application Security Engineer 

Isn't it time you bragged about where you work? At CARFAX, we do, every day. We pride ourselves on being mission-focused on helping to grow a brand built on accuracy and integrity. We care deeply about our products and our customers. We’re more than just a company: We help millions of consumers make more informed decisions every day. We know that our teammates are our most valuable asset, and we value a balanced life while tackling challenging projects in a fast-paced environment.  

We are seeking a highly skilled and motivated Senior Application Security Engineer to join our dynamic Information Security team. The ideal candidate will be responsible for ensuring the security of our applications by identifying, evaluating, and mitigating security vulnerabilities, as well as implementing best practices and security standards. This role offers an exciting opportunity to work with a diverse set of applications and technologies in a fast-paced and innovative environment.

At CARFAX, we believe in the power of teamwork and value in-person interactions so that we can collaborate and thrive together. This position will require 3 days per week in our Columbia, MO office subject to change with future business needs.

What you’ll be doing:

  • Conduct manual and automated security assessments of web, mobile, and cloud-based applications.
  • Implement and maintain application security testing tools (SAST, DAST, and IAST) and coordinate related vulnerability remediation activities.
  • Conduct & coordinate both internal and 3rd party penetration testing engagements.
  • Collaborate with development, DevOps, and infrastructure teams to integrate security practices into the Software Development Lifecycle (SDLC).
  • Prepare and present security reports to management, highlighting key metrics, risks, and mitigation strategies.
  • Identify and prioritize potential application security threats through the use of modeling and risk assessments.
  • Assist with the detection, triage, and response to security incidents, while conducting root cause analysis and post-incident reviews to improve security posture.
  • Develop and deliver security training and awareness programs for developers, QA, and other relevant teams.
  • Design, deploy, and maintain security solutions such as Endpoint Detection and Response (EDR), data-loss prevention (DLP), web application firewalls (WAF), zero-trust, and other security detection/prevention technologies.
  • Stay updated with the latest security trends, threats, and technology developments.
  • Evaluate new security tools and technologies to enhance the security posture of our applications.

What we’re looking for:

  • Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
  • Proven experience (5+ years) in application security, including security assessment, penetration testing, and secure code review.
  • Strong understanding of security principles, including OWASP Top Ten, CWE/SANS Top 25, and other industry-standard security frameworks.
  • Hands-on experience with security tools such as Burp Suite, OWASP ZAP, Veracode, Checkmarx, Fortify, Nessus, NMAP, Kali Linux etc.
  • Proficiency in one or more programming languages (e.g., Java, C#, Python, JavaScript).
  • Working knowledge of common web technologies like HTML, CSS, JavaScript, HTTP/HTTPS, APIs, etc as well as basic understanding of web application architectures (e.g., client-server model). 
  • Knowledge of cloud security principles and experience with cloud platforms (e.g., AWS, Azure, GCP).
  • Strong analytical and problem-solving skills, with the ability to think like an attacker to identify potential security weaknesses.
  • Excellent communication and interpersonal skills to effectively collaborate with cross-functional teams and explain complex security concepts to non-technical stakeholders.
  • Careful approach to reviewing code, configurations, and application logic.

What’s in it for you:

  • Competitive compensation, benefits and generous time-off policies
  • 4-Day summer work weeks and a winter holiday break
  • 401(k)/DCPP matching
  • Annual bonus program
  • Casual, dog-friendly, and innovative office spaces
  • For a comprehensive list of benefits, please visit our website: https://jobs.jobvite.com/carfax/p/benefits

Don’t just take our word for it:

  • 10X Virginia Business Best Places to Work
  • 10X Washingtonian Great Places to Work
  • 9X Washington Post Top Workplace
  • 3X Louis Post-Dispatch Best Places to Work
PDN-9d77e281-d672-4cd7-92af-44f3f8ae5bef
Job Information
Job Category:
Information Technology
Spotlight Employer
Related jobs
FULL-TIME INSTRUCTORComputer Systems Networking and Telecommunications position available at theCentral PA Institute of Science and Technologyavailable immediately.Visit www.cpi.edu for moreinformatio...
Dec 8, 2024
Bellefonte, PA
Join Our Expanding Neurosurgery Team at UPMC Altoona!Are you passionate about making a difference in the field of neurosurgery? UPMC Altoona is excited to invite applications for a Full-Time Physician...
Dec 8, 2024
Altoona, PA
Construction
Confidential
CONSTRUCTION Moltz Constructors, Inc. is hiring Willing to travel and work in remote locations. Construction experience preferred Able to commute independently to and from work (reliable transportatio...
Dec 8, 2024
Castle Rock, CO
©2024 TalentAlly.
Powered by TalentAlly.
Apply for this job
Senior Application Security Engineer
CARFAX, Inc.
Columbia, MO
Nov 12, 2024
Full-time
Your Information
First Name *
Last Name *
Email Address *
Zip Code *
Password *
Confirm Password *
Create your Profile from your Resume
By clicking the Apply button, you agree to the terms of use and privacy policy.
Continue to Apply

CARFAX, Inc. would like you to finish the application on their website.

Ace your interview with AI-powered interview practice

Get comfortable talking to hiring managers, receive personalized feedback on areas for improvement, sharpen your ability to answer the most common questions, and build confidence in formulating strong responses on the spot. Click the button below to begin your three free virtual interviews!