Product Security Engineer (Remote)
Company: Enova International
Posted on: June 25, 2022
The health and safety of Enova's employees is our number one
priority. Proof of vaccination will be required regardless of work
location, unless prohibited by applicable state law. Employees may
request an exemption to the vaccination policy due to medical
reasons, sincerely-held religious beliefs, or as otherwise
permitted by applicable state law.
Enova is currently accepting candidates for remote positions in the
following eligible states: AZ, CT, ID, IL, IN, ME, MI, MN, NE, NV,
NJ, NM, NY, UT, WI.
About the role:
This is a hands-on role requiring in-depth knowledge of software
security principles. You will be responsible for enabling security
testing and enforcement across Enova Products. You will be
responsible for prioritization and implementation of various
DevSecOps projects and Tech initiatives which spans across all of
Enova Products. In addition, you will be responsible for conducting
application static code reviews, dynamic security assessments,
secure architecture reviews. You will be expected to have a
"can-do" attitude and work independently to drive solutions.
Enova's Security Engineering team designs, implements, and
administers the tools and mechanisms involved with providing end to
end IT security for Enova.
What you'll be doing:
- Be a DevSecOps Evangelist.
- Conduct code reviews and security testing for new projects and
- Knowledge of Integrating Security Testing into the CI/CD
- Expertise in API Security testing.
- Automate security testing and embed security testing into the
- Collaborate with architects, product managers, and other teams
to deliver high quality secure product
- Provide and Guide Secure Architecture Reviews.
- Perform internal/external application penetration tests.
- Lead projects independently while working collaboratively with
the team to ensure its success.
- Run annual application security training for software
We're excited about you if you have:
- Experience with security testing tools such as Kali,
Metasploit, Burp Suite, OWASP ZAP, etc.
- Proficiency with application pen testing and vulnerability
- Experience with OWASP security concepts and discovering
vulnerabilities such as XSS, XSRF, SQL Injection, Cookie
- Understanding of static code analysis products
An ideal candidate may also have:
- Experience in Container security and cloud
- OSCP, OSWE, SANs, AWS Security Speciality Certification,
Certified Kubernetes Security Specialist (CKS).
- Experience with threat modeling and attack surface design
About our team:
Our IT Security Engineering Team works alongside our teams in
Systems, Monitoring, Application Engineering, and Network
Engineering to deliver top notch and secure infrastructure and
automation solutions. We are experts in the IT security field, but
are also well-versed in applications, development life cycles, and
automation techniques. We have passionate debates about technology
with consensus in solutions, flexible team structures, an
irrelevance of title in problem solving, and a desire to Do The
Enova currently uses a multitude of Application Security tools such
as Checkmarx, Snyk, Burp Suite Pro, Anchore Container Security, AWS
(GuardDuty, SecurityHub), GoSec. Our server and application
platform primarily runs on Vmware and several workloads exist in
Amazon, with plans to expand services into the cloud.
Enova is a leading financial technology company providing online
financial services through its AI and machine learning powered
lending platform. Enova serves the needs of non-prime consumers and
small businesses, who are frequently underserved by traditional
banks. Enova has provided more than 7 million customers with over
$40 billion in loans and financing with market leading products
that provide a path for them to improve their financial health.
Want to learn more? Just ask any of our almost 1,500 employees.
Our goal at Enova, we believe that diversity and inclusion among
our teammates is critical to our success as a global company, and
we seek to recruit, develop and retain the most talented people
from a diverse candidate pool. It is our policy to provide equal
employment opportunity for all persons and not discriminate in
employment decisions by placing the most qualified person in each
job, without regard to any other classification protected by
federal, state, or local law. California Applicants: Click here to
Keywords: Enova International, Detroit , Product Security Engineer (Remote), Engineering , Detroit, Michigan
Didn't find what you're looking for? Search again!