Lead Cybersecurity Software Engineer
Company: Cox Automotive
Location: Tucker
Posted on: July 15, 2025
|
|
|
Job Description:
A Lead Cybersecurity Software Engineer is focused on full stack
development of security tools that enable engineering teams to
securely develop their applications by building and deploying
securely. These tools range from web applications to command line
interfaces that are designed for internal engineering use to
simplify how they integrate and interact with secure pipeline
controls. This role will develop and operate tools in multiple
cloud environments where Cox Automotive has a large presence.
Engineering activities also include configuring vendor supplied
applications and integrating them. This role will report directly
to the Director of Security Engineering Enablement at Cox
Automotive. Primary Responsibilities Lead the development and
implementation of tools developed by Security Engineering
Enablement. Identify solutions to feature requests and map out
these solutions for implementation by the team. Mentor junior
developers on coding practices and secure design patterns.
Collaborate with threat detection and vulnerability management
teams to continuously improve capabilities and integration points
to support continuous control monitoring and reporting. Partners
with architecture, infrastructure and technology teams to review
existing architecture, identify gaps and recommend security
enhancements. Conduct and/or review artifact analyses for
environmental applicability and remediation. Participate in
security events and incident response to identify gaps in current
design and propose solutions to prevent threats from reoccurring.
Research and evaluate emerging security trends, threats, and
technologies, and recommend appropriate solutions and enhancements.
Minimum Qualifications Bachelor's degree in a related discipline
and 6 years of experience in a related field. The right candidate
could also have a different combination, such as a master's degree
and 4 years of experience; a Ph.D. and 1 year of experience in a
related field; or 10 years' experience in a related field. At least
4 years focused on cybersecurity. Clearly articulate the objective
of specific cybersecurity policies and procedures to technical and
non-technical stakeholders. Excellent customer service skills,
writing, and presentation skills. Develop a strong and productive
working environment with key stakeholders and collaborate closely
with other Cox entities' cybersecurity teams to implement
cybersecurity best practices. Consultative nature to work through
controversial or complex topics to employees, leaders, and/or
senior leadership. Evaluate risks and make informed decisions based
on impact and likelihood of the risk to the business. Proficient in
Python and expertise in developing applications with C#, Java, or
Go. Proven and demonstrable experience with front end or JavaScript
frameworks like Typescript and Node.js. Knowledge of current
cybersecurity and technology architectures such as zero trust,
IaaS, PaaS, SaaS, virtualization, and containerization. A strong
understanding of cloud containers and/or serverless platforms
(e.g., EKS, ECS, Lambda, Fargate). Experience with AWS and another
cloud infrastructure (GCP, Azure, or OCI) and services and
on-premises infrastructure. AWS Well-Architected Framework.
Extensive technology knowledge and recognized expertise in several
areas including .NET framework, Mono, Spring frameworks, Oracle,
serverless, cloud patterns, cloud service and user authentication
or similar. Creatively solving complex cybersecurity challenges
while exhibiting solid, pragmatic business acumen. Experience
utilizing Agile methodologies and DevSecOps. Initiating change and
deploying solutions in Fortune 1000 companies. Knowledge of
cybersecurity frameworks (e.g., ISO 27000, NIST, FFIEC) and
industry relevant regulations that will guide architectural
requirements (e.g., GDPR, FFIEC, GLBA). Preferred Qualifications
Experience with security testing tools such as Veracode, Fortify,
BurpSuite, and Wiz. Familiarity with Infrastructure as Code
technology such as Terraform. An understanding of deployment
methodologies like Blue/Green, Canary, etc. Familiarity with
various Cloud monitoring tools (CloudWatch, New Relic, Splunk).
Comfortable with build and deploy tools such as Github Actions.
Comfortable with trunk-based development and Github as a code
repository. Experience with artifact repositories. Experience in
the development and design of cybersecurity standard methodologies
to all layers of the hosting and application stack in both cloud
and on-premises environments. Knowledge of Identity and Access
Management (IAM), cryptography / key management, secrets
management, access controls and security protocols (e.g.,
multi-factor, SAML, OAuth, OIDC). Experience with firewall, web
application firewalls, and other edge services as well as deep
understanding of DMZ and other network architectures. Experience in
national critical infrastructure industries (telecommunications,
financial services, defense, government, etc.). Big four consulting
or Fortune 500 company experience. Relevant industry certification
(e.g., CISSP, CEH, OSCP, Azure, AWS, CISM, CISA). USD 119,600.00 -
199,400.00 per year Compensation: Compensation includes a base
salary of $119,600.00 - $199,400.00. The base salary may vary
within the anticipated base pay range based on factors such as the
ultimate location of the position and the selected candidate's
knowledge, skills, and abilities. Position may be eligible for
additional compensation that may include an incentive program.
Benefits: The Company offers eligible employees the flexibility to
take as much vacation with pay as they deem consistent with their
duties, the company's needs, and its obligations; seven paid
holidays throughout the calendar year; and up to 160 hours of paid
wellness annually for their own wellness or that of family members.
Employees are also eligible for additional paid time off in the
form of bereavement leave, time off to vote, jury duty leave,
volunteer time off, military leave, and parental leave.
Keywords: Cox Automotive, North Atlanta , Lead Cybersecurity Software Engineer, IT / Software / Systems , Tucker, Georgia
