Senior Security Engineer
Job description
- Advanced Detection Engineering: Designing and tuning high-fidelity detection logic and complex alerting telemetry to identify sophisticated adversary techniques (TTPs) that bypass standard security controls.
- Infrastructure Hardening & Segmentation: Engineering and implementing least privilege, code-based security controls for high-risk network zones; debugging and optimizing intricate security policy enforcement conflicts within multi-cloud environments.
- Engineered Preventative Controls: Building and deploying custom security wrappers, hardened "Golden Images," and automated policy-as-code to programmatically prevent common attack vectors across the enterprise.
- Complex Firewall & WAF Optimization: Managing intricate firewall configurations, including deep packet inspection (DPI) tuning and custom WAF rule-writing for specialized web applications.
- Technical Benchmarking & PoC Execution: Leading the rigorous technical evaluation and stress-testing of new security technologies; performing deep-dive "bake-offs" to ensure tools meet high-performance requirements.
- Tier III Escalation & "Impossible" Debugging: Acting as the final technical authority for critical security outages or bypasses; debugging kernel-level security issues or complex system interactions that Tier II cannot resolve.
- Security Stack Performance Tuning: Optimizing the throughput, reliability, and resource consumption of security agents and platforms to ensure zero impact on production system performance.
- Advanced Security Automation (SOAR/API): Writing complex scripts and building custom API integrations to bridge gaps between security tools, enabling sophisticated, automated response workflows (SOAR).
- Autonomous Technical Delivery: Proven ability to drive multiple high-stakes technical projects from concept to execution with total autonomy and surgical precision.
- Technical Information Synthesis: Expertise in distilling highly granular technical data (e.g., packet captures, stack traces, raw logs) into actionable insights for both technical peers and non-technical leadership.
Requirements
We are seeking a Senior Security Engineer with experience in advanced detection engineering, infrastructure hardening, and security automation. The Senior Security Engineer at OPENLANE is a core contributor to the Office of the CISO. This role owns and matures specific domains of the Information Security program, providing both technical mentorship and hands-on engineering excellence. You will act as an authoritative security voice on cross-functional teams, proactively identifying risks and engineering complex solutions that align with OPENLANE's regulatory obligations and long-term security posture.
- Autonomous. You can drive multiple high-stakes technical projects from concept to execution with minimal oversight.
- Highly analytical. You excel at distilling granular technical data into actionable insights for technical and non-technical audiences.
- Technically deep. You bring hands-on-keyboard expertise across multiple advanced security domains.
- Calm under pressure. You provide clear direction during high-impact security events.
- Collaborative. You elevate team performance through mentorship, documentation, and peer reviews.
- Advanced Domain Mastery: In-depth technical proficiency and "hands-on-keyboard" experience in at least three of the following:
- Advanced Incident Response: Complex triage and remediation of multi-stage attacks.
- Network/System Hardening: Developing "gold standard" configurations for heterogeneous environments.
- Cloud Security Engineering: Deep technical knowledge of CSP primitives (AWS IAM, Azure NSGs, GCP Service Accounts) and automated deployment.
- Advanced SOC Analysis: Expert-level log correlation and hunting within massive datasets (SIEM/XDR).
- Threat Intelligence Integration: Demonstrated ability to ingest raw threat intelligence and convert it into custom defensive signatures or proactive system modifications.
- Scientific Problem Solving: Exceptional analytical skills with the ability to apply the scientific method to troubleshoot "ghost in the machine" security issues and validate the efficacy of new controls.
- Technical Initiative: Ability to work independently to identify security gaps and engineer solutions without waiting for a directive.
- High-Stakes Communication: Excellent interpersonal skills with the ability to maintain composure and provide clear technical direction during high-pressure security events.
- Technical Force Multiplication: Strong ability to elevate the team's technical ceiling through advanced peer reviews, "deep-dive" technical documentation, and hands-on mentoring of mid-level engineers.
- Specialized Knowledge Sharing: Experience developing and delivering high-level technical briefings and "brown-bag" sessions for engineering and DevOps teams on advanced security topics.
- Bachelor's Degree in Computer Science or related field AND 5+ years of dedicated IT Security experience OR 7+ years of equivalent IT experience with a strong focus on security.
- Proven expertise in evaluating information systems for threats and vulnerabilities and designing mitigation strategies.
- Demonstrated expertise in the management, optimization, and automation of security tools (e.g., SIEM, EDR, IDS/IPS, anti-virus, patch management, vulnerability management, application security static/dynamic analysis, etc.).
- Knowledge of security best practices, frameworks
- Deep understanding of application security concepts, secure coding practices, and DevSecOps principles.
- Relevant security certifications (e.g., CISSP, OSCP, CISM, GIAC certifications) are highly preferred; multiple certifications are a strong plus.
- Active participation and contribution to the open source and/or local IT/InfoSec community (e.g., presenting at conferences, contributing to tools) is a plus.
Nice to Haves:
- Relevant security certifications (e.g., CISSP, OSCP, CISM, GIAC).
- Experience contributing to open-source security tools or participating in the InfoSec community.
- Experience delivering technical briefings, brown-bag sessions, or advanced internal training.
Benefits & conditions
- Competitive pay
- Medical, dental, and vision benefits with employer HSA contributions (US) and FSA options (US)
- Immediately vested 401K (US) or RRSP (Canada) with company match
- Paid Vacation, Personal, and Sick Time
- Paid maternity and paternity leave (US)
- Employer-paid short-term disability, long-term disability, life insurance, and AD&D (US)
- Robust Employee Assistance Program
- Employer paid Leap into Service Day to volunteer
- Tuition Reimbursement for eligible programs
- Opportunities to expand your skill set and share your knowledge across a publicly traded, global organization
- Company culture of internal promotions, diverse career paths, and meaningful advancement