Senior Security Engineer (Threat and Vulnerability)

Octane® is revolutionizing recreational purchases by delivering a seamless, end-to-end digital buying experience. We connect people with their passions by combining cutting-edge technology and innovative risk strategies to make lifestyle purchases - like powersports vehicles, RVs, and OPE - fast, easy, and accessible.

Octane adds value throughout the customer journey: inspiring enthusiasts with our editorial brands, including Cycle World® and UTV Driver®, instantly prequalifying consumers for financing online, routing customers to dealerships for an easy closing, and supporting customers throughout their loan with superior loan servicing.

Founded in 2014, we’re a company with 550+ employees and over 30 OEM and 4,000 dealer partners.

Octane is seeking an experienced Senior Security Engineer specialized in Threat and Vulnerability. This role is responsible for designing, implementing, and maintaining a Security Operations Center (SOC) and Incident Response program to enhance the company’s security posture. The position involves developing and integrating security technologies such as SIEM, SOAR, and threat intelligence platforms, as well as maintaining integrations with key security tools. The role includes designing alerts, metrics, and dashboards to monitor security incidents, collaborating with cross-functional teams to investigate security threats, and mentoring junior engineers on best practices. Additionally, the role requires expertise in cloud security, automation, and infrastructure protection, along with hands-on experience responding to security incidents. Ideal candidates have at least seven years of experience in security operations, strong scripting and integration skills, and familiarity with tools like Datadog, Splunk, and Terraform. Relevant security certifications are a plus. The preference is for this role to be hybrid based in our Dallas/Irving, Texas or NYC office, but will be open to remote candidates as well. 

Responsibilities: 

• Design, implement, and maintain a comprehensive Security Operations Center (SOC) and Incident Response program to improve the security posture of the company
• Develop, integrate, and automate security technologies such as SIEM, SOAR, and Threat Intelligence platforms to enhance security signal sources and incident response capabilities
• Develop and maintain integrations with security tools such as IdP, SASE, and EDR. Aggregate security signals such as end-user and production environment logs
• Design and implement alerts, metrics, runbooks, and dashboards to track security posture and incident response efforts
• Develop and maintain relationships with key stakeholders across the engineering department to ensure effective collaboration and communication
• Mentor and coach junior engineers on the team and across the engineering organization on SOC and Incident Response best practices
• Respond to security incidents and injection requests in a timely and efficient manner, and support the team's after-hours on-call schedule
• Collaborate with Engineering, IT, and other teams to investigate potential security issues, review logs for evidence of compromise, and lead security-related tasks
• Design and implement security architectures and solutions to protect infrastructure and workload environments
• Stay up-to-date with evolving security threats and technologies, and apply that knowledge to improve the company's security posture

Requirements:

• 7+ years of experience in Security Operations, Incident Response, or a related field
• 4+ years of experience designing, building, and running secure, fault-tolerant systems in cloud or virtualized environments
• Advanced knowledge of security technologies such as SIEM, SOAR, EDR, firewalls, and Threat Intelligence platforms
• Experience with scripting languages such as Python, PowerShell, or Bash
• Experience integrating tools using REST API connections
• Collaborated with distributed engineering teams and experience with cross-functional collaboration
• Background in security architecture and design, including experience with cloud security and infrastructure security
• Experience with security operations tools such as Datadog, Splunk, ELK
• Previously utilized infrastructure as code tools such as Terraform or Cloudformation/CDK
• Experience designing and leading the incident response process for security incidents
• Relevant certifications such as CEH, SANS, CISM, CISSP are a plus
• Relevant security-focused degrees and certifications are preferred

Compensation

The role described above offers a base salary of $140,000 to $170,000.  Your offer will be based on the alignment of your qualifications with the requirements of the job, location, and internal equity.  In addition to the above-mentioned salary, Total Rewards include a corporate bonus program, stock option package, and benefits as outlined below.

Benefits:

• Robust Health Care Plans (Medical, Dental & Vision)
• Generous Parental Leave
• Flexible Time Off (FTO)
• Retirement Plan (401k) with company match!
• Educational Assistance/Tuition Reimbursement up to $3K/year 
• Life Insurance (Basic, Voluntary & AD&D)
• Short Term / Long Term Disability
• Robust Ancillary benefits including accident insurance, hospital insurance, etc
• Wellhub (Gympass) Wellness Benefit
• Powersports Safety Benefit

Disclaimer:  The above statements are intended to describe the general nature and level of work being performed by associates assigned to this classification.  They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified.  All personnel may be required to perform duties outside of their normal responsibilities from time to time, as needed.

Octane Lending is an equal opportunity employer committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or any other protected status with respect to recruitment, hiring, promotion and other terms and conditions of employment.

#LI-MZ1

#LI-Hybrid

#LI-Remote