Security Engineer II

About Tekion:

Positively disrupting an industry that has not seen any innovation in over 50 years, Tekion has challenged the paradigm with the first and fastest cloud-native automotive platform that includes the revolutionary Automotive Retail Cloud (ARC) for retailers, Automotive Enterprise Cloud (AEC) for manufacturers and other large automotive enterprises and Automotive Partner Cloud (APC) for technology and industry partners. Tekion connects the entire spectrum of the automotive retail ecosystem through one seamless platform. The transformative platform uses cutting-edge technology, big data, machine learning, and AI to seamlessly bring together OEMs, retailers/dealers and consumers. With its highly configurable integration and greater customer engagement capabilities, Tekion is enabling the best automotive retail experiences ever. Tekion employs close to 3,000 people across North America, Asia and Europe.

As part of our world-class engineering team at Tekion, we are expanding our Product Security Engineering function. Our dev teams work across a variety of cutting-edge tech stacks in a fast-moving environment, which makes security both a challenge and an opportunity to innovate. We prioritize guardrails over roadblocks in our security culture, empowering developers to move fast while ensuring that security is built-in, scalable, and resilient.

The Product Security team is responsible for integrating security into all phases of the SDLC — from design through deployment — including infrastructure and application security, secure development practices, threat modeling, and DevSecOps automation.

Our mission includes:

• Driving secure-by-design principles across web, mobile, cloud, and IoT systems.
• Building and maintaining security automation tools for CI/CD pipelines.
• Enhancing our cloud infrastructure security posture at scale.
• Developing secure coding patterns, libraries, and guardrails for developers.
• Partnering with dev teams to identify and remediate security risks early (“shift-left” mindset).
• Conducting architectural reviews and risk assessments for new features or products.
• Assist engineering teams in performing threat modeling and working with them for effective mitigation techniques. 

What we’re looking for:

We value diverse security backgrounds and want to work with professionals who are passionate about engineering secure systems at scale.

Required Skills:

• Strong understanding of information security fundamentals and the ability to communicate them clearly to engineering and product teams.
• Hands-on experience with secure coding, DevSecOps, and security automation.
• Familiarity with application architecture, threat modeling, CI/CD pipelines, infrastructure-as-code (IAC), serverless, IAM, and cloud-native security.
• Experience integrating security controls into developer workflows.
• Penetration testing is optional and good to have. However, the ability to interpret results is a must.
• Comfortable collaborating across teams and challenging assumptions constructively.
• Solution-oriented, pragmatic, and focused on scalable risk mitigation.
• Proficiency in at least one programming language (Python, Bash, Java, etc.) for tool development and automation.

Tekion is proud to be an Equal Employment Opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, victim of violence or having a family member who is a victim of violence, the intersectionality of two or more protected categories, or other applicable legally protected characteristics. 

For more information on our privacy practices, please refer to our Applicant Privacy Notice here.