About the role:
As an IT Security Engineer, you’ll be an advocate for Enova’s future in IT Security and Compliance. You will have the opportunity to develop, implement and maintain security solutions and mechanisms throughout our corporate and production environments. Additionally, you will be responsible for setting the architectural direction and interfacing with business and technology groups throughout the organization to deliver cutting edge solutions.

What you'll be doing:

• Provide network and application security focused architectural guidance to IT teams.
• Continuously evaluate Enova's infrastructure (on-prem and cloud), propose enhancements and design changes as needed.
• Practice proactive maintenance to ensure proper security posture.
• Evaluate new technologies and trends, while making recommendations to improve the security of our environment.
• Collaborate with Product teams, Engineering, Development, and Compliance to ensure operational readiness of new solutions and ongoing optimization/improvement of existing solutions.
• Oversee and develop security standards based on security best practices.
• Develop a methodology for log aggregation, monitoring, and analysis to enable fast response to security events.
• Assist with framework development for internal pen test and vulnerability assessments.
• Respond to security incidents, assist with troubleshooting and provide on-call support as needed.
• Provide training and mentorship across IT teams.

We're excited about you if you have:

• Expertise with security events management and incident response procedures.
• Security operations experience and knowledge of IT security principles.
• Experience with large Linux environments.
• Experience with solution architecture/documenting software architectures.
• Experience with application security, secure SDLC and penetration testing.
• An understanding of DevOps principles, tools and the correlation with cloud architecture, as well as infrastructure-as-code and SRE principles.
• Familiarity with Cloud security fundamentals (AWS cloud platform preferred).
• Worked with AWS Security principles and services, AWS Config, IAM, WAF, GuardDuty and AWS networking from a security perspective.
• Experience with Terraform, Git or similar toolsets, as well as container security and Kubernetes.
• Familiarity with scripting and programming language frameworks.

About our Security team:
Our Security Engineering Team works alongside our Systems, Monitoring, Application Engineering, and Network Engineering teams to deliver top notch, secure infrastructure and automation solutions. We are experts in the IT security field, but are also well-versed in networking, applications, development life cycles, and automation techniques. We have passionate debates about technology with consensus in solutions, flexible team structures, an irrelevance of title in problem solving, and a desire to do the right thing.

Each member of our team works and supports all security tools and will never be limited to a specific solution allowing for continued growth. We currently use a multitude of Security tools such as Palo Altos, Cisco ASAs, F5 technologies, AWS security services, ForeScout, Proofpoint, CyberArk, Nessus and Splunk SIEM to provide security controls throughout the environment. Our server and application platform primarily runs on Vmware and several workloads exist in Amazon, with plans to expand services into the cloud.