Senior Engineer, Security Operations
Dayforce HCM, Inc., Buffalo, NY, United States
ACV is a technology company that has revolutionized how dealers buy and sell cars online. ACV Auctions Inc. has applied innovation and user‑designed, data‑driven applications and solutions to build the most trusted and efficient digital marketplace for sourcing, selling, and managing used vehicles with transparency and comprehensive insights that were once unimaginable.
Benefits
Multiple medical plans including a high deductible, low cost health plan
Company‑sponsored (paid) Short‑Term Disability, Long‑Term Disability, and Life Insurance
Comprehensive optional benefits such as Dental, Vision, Supplemental Life/AD&D, Legal/ID Protection, and Accident and Critical Illness Insurance
Generous paid time off options, including uncapped vacation days, the greater of 3 paid sick days or in accordance with the applicable state or local paid sick leave law, 6 paid company holidays, 2 floating holidays, parental leave, bereavement leave, jury duty leave, voting leave, and other forms of paid leave as required by applicable law or regulation
Employee Stock Purchase Program with additional opportunities to earn stock in the Company
Retirement planning through the Company’s 401(k)
Who we are looking for
The Senior Operations Engineer is a critical role responsible for the overall security posture of ACV Auctions Threat landscape. Reporting directly to the Director of Cybersecurity Operations, this individual will own and mature the Security Operations program, integrating security practices throughout the environment. This position requires a self‑motivated and highly organized engineer with excellent communication and technical skills.
Senior engineer is a technical leader who sets technical direction for security operations engineering initiatives. Leads complex, high‑impact projects and serves as the escalation point for difficult engineering challenges and opportunities. Drives innovation in security capabilities and represents engineering to the broader organization.
What you will do
Lead proactive, hypothesis‑driven threat hunting across endpoint, cloud, and identity environments
Develop and refine detection logic, correlation rules, and behavioral analytics within SIEM and EDR platforms
Map adversary tactics, techniques, and procedures (TTPs) to MITRE ATT&CK to improve detection coverage
Analyze threat intelligence and emerging attack patterns to strengthen defenses
Lead and scale cybersecurity operations across enterprise or multi‑tenant environments
Oversee incident triage, investigation, containment, and remediation
Act as escalation point for high‑severity incidents
Improve alert fidelity and reduce false positives through tuning and automation
Mature the alert and incident management tracking systems
Standardize workflows and playbooks to ensure operational consistency
Design and implement incident response frameworks and playbooks
Lead response efforts for advanced threats across environments supporting up to large user bases
Conduct root cause analysis and post‑incident reviews
Automate response actions to reduce mean time to detect/respond (MTTD/MTTR)
Secure multi‑cloud environments (AWS, GCP) through posture management and configuration monitoring
Detection of Zero Trust principles and violations across identity and access management systems
Strengthen controls within platforms such as CASB and DLP solutions
Automate workflows and security operations processes for tracking the remediations actioned against the environment
Integrate tooling and orchestrate response using SOAR or similar platforms
Continuously improve detection capabilities and operational efficiency
Deliver AI enabled automations and tooling for the ACV Security Operations Center
Deliver executive‑level reporting (MBRs/QBRs) on security posture, threats, and risk
Translate technical findings into business‑relevant insights to present to external stakeholders
Collaborate cross‑functionally with IT, engineering, and leadership teams
Perform additional duties as assigned.
What you will need
8+ years’ experience
Minimum of a 4 year Bachelor’s degree
Strong understanding of security frameworks and best practices (NIST CSF, ISO 27001, CIS Controls).
Extensive experience with cloud security, with a strong focus on securing applications deployed in AWS and/or GCP environments. Experience with Fintech companies is desirable.
Experience with modern software development including Agentic and Generative AI techniques.
Familiarity with adversarial AI/ML techniques and their protections, such as Interference attacks and others in the MITRE ATLAS framework.
Excellent communication, interpersonal, and leadership skills, with an ability to translate complex technical risks into business context for executive leadership and stakeholders.
Ability to work effectively in a remote environment and manage geographically dispersed teams.
Knowledge of CASB, DLP and SASE technologies
Proven ability to be agile and work effectively in a dynamic environment.
Demonstrated ability to perform under pressure and respond rapidly to emerging incidents and situations.
Excellent coordination, project management, and organization skills and comfortable with multi‑tasking in a high‑energy environment.
Should be a creative and analytical problem solver with a passion to provide excellent customer service.
Practical hands‑on experience engineering and implementing data security controls in cloud environments including databases, datastores and SaaS platforms.
Linux and Kubernetes/Container management and security
DevOps code‑based implementation and management
Knowledge of AWS including but not limited to S3, Lambda, RDS, EC2 and AWS Security Center
Understanding of TCP/IP Networking including knowledge of Protocols and Services
Understanding of what Information or Assets are of value to Threat Actors and how Organizations are Breached and Customer Accounts Compromised.
Overall understanding of the Security domain, compliance, business, risk, ops etc ALONG with its application to the business. #LI‑AM3
Our Values
Trust & Transparency | People First | Positive Experiences | Calm Persistence | Never Settling
At ACV, we are committed to an inclusive culture in which every individual is welcomed and empowered to celebrate their true selves. We achieve this by fostering a work environment of acceptance and understanding that is free from discrimination. ACV is committed to being an equal opportunity employer regardless of sex, race, creed, color, religion, marital status, national origin, age, pregnancy, sexual orientation, gender, gender identity, gender expression, genetic information, disability, military status, status as a veteran, or any other protected characteristic. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you have a disability or special need that requires reasonable accommodation, please let us know.
For information on our collection and use of your personal information, please see our Privacy Notice.
No immigration or work visa sponsorship provided for this position.
Compensation
The compensation range for this position is listed in the Job Details section at the bottom of this posting. Please note that final compensation will be determined based upon the applicant’s relevant experience, skill set, location, business needs, market demands, and other factors as permitted by law.
#J-18808-Ljbffr
Benefits
Multiple medical plans including a high deductible, low cost health plan
Company‑sponsored (paid) Short‑Term Disability, Long‑Term Disability, and Life Insurance
Comprehensive optional benefits such as Dental, Vision, Supplemental Life/AD&D, Legal/ID Protection, and Accident and Critical Illness Insurance
Generous paid time off options, including uncapped vacation days, the greater of 3 paid sick days or in accordance with the applicable state or local paid sick leave law, 6 paid company holidays, 2 floating holidays, parental leave, bereavement leave, jury duty leave, voting leave, and other forms of paid leave as required by applicable law or regulation
Employee Stock Purchase Program with additional opportunities to earn stock in the Company
Retirement planning through the Company’s 401(k)
Who we are looking for
The Senior Operations Engineer is a critical role responsible for the overall security posture of ACV Auctions Threat landscape. Reporting directly to the Director of Cybersecurity Operations, this individual will own and mature the Security Operations program, integrating security practices throughout the environment. This position requires a self‑motivated and highly organized engineer with excellent communication and technical skills.
Senior engineer is a technical leader who sets technical direction for security operations engineering initiatives. Leads complex, high‑impact projects and serves as the escalation point for difficult engineering challenges and opportunities. Drives innovation in security capabilities and represents engineering to the broader organization.
What you will do
Lead proactive, hypothesis‑driven threat hunting across endpoint, cloud, and identity environments
Develop and refine detection logic, correlation rules, and behavioral analytics within SIEM and EDR platforms
Map adversary tactics, techniques, and procedures (TTPs) to MITRE ATT&CK to improve detection coverage
Analyze threat intelligence and emerging attack patterns to strengthen defenses
Lead and scale cybersecurity operations across enterprise or multi‑tenant environments
Oversee incident triage, investigation, containment, and remediation
Act as escalation point for high‑severity incidents
Improve alert fidelity and reduce false positives through tuning and automation
Mature the alert and incident management tracking systems
Standardize workflows and playbooks to ensure operational consistency
Design and implement incident response frameworks and playbooks
Lead response efforts for advanced threats across environments supporting up to large user bases
Conduct root cause analysis and post‑incident reviews
Automate response actions to reduce mean time to detect/respond (MTTD/MTTR)
Secure multi‑cloud environments (AWS, GCP) through posture management and configuration monitoring
Detection of Zero Trust principles and violations across identity and access management systems
Strengthen controls within platforms such as CASB and DLP solutions
Automate workflows and security operations processes for tracking the remediations actioned against the environment
Integrate tooling and orchestrate response using SOAR or similar platforms
Continuously improve detection capabilities and operational efficiency
Deliver AI enabled automations and tooling for the ACV Security Operations Center
Deliver executive‑level reporting (MBRs/QBRs) on security posture, threats, and risk
Translate technical findings into business‑relevant insights to present to external stakeholders
Collaborate cross‑functionally with IT, engineering, and leadership teams
Perform additional duties as assigned.
What you will need
8+ years’ experience
Minimum of a 4 year Bachelor’s degree
Strong understanding of security frameworks and best practices (NIST CSF, ISO 27001, CIS Controls).
Extensive experience with cloud security, with a strong focus on securing applications deployed in AWS and/or GCP environments. Experience with Fintech companies is desirable.
Experience with modern software development including Agentic and Generative AI techniques.
Familiarity with adversarial AI/ML techniques and their protections, such as Interference attacks and others in the MITRE ATLAS framework.
Excellent communication, interpersonal, and leadership skills, with an ability to translate complex technical risks into business context for executive leadership and stakeholders.
Ability to work effectively in a remote environment and manage geographically dispersed teams.
Knowledge of CASB, DLP and SASE technologies
Proven ability to be agile and work effectively in a dynamic environment.
Demonstrated ability to perform under pressure and respond rapidly to emerging incidents and situations.
Excellent coordination, project management, and organization skills and comfortable with multi‑tasking in a high‑energy environment.
Should be a creative and analytical problem solver with a passion to provide excellent customer service.
Practical hands‑on experience engineering and implementing data security controls in cloud environments including databases, datastores and SaaS platforms.
Linux and Kubernetes/Container management and security
DevOps code‑based implementation and management
Knowledge of AWS including but not limited to S3, Lambda, RDS, EC2 and AWS Security Center
Understanding of TCP/IP Networking including knowledge of Protocols and Services
Understanding of what Information or Assets are of value to Threat Actors and how Organizations are Breached and Customer Accounts Compromised.
Overall understanding of the Security domain, compliance, business, risk, ops etc ALONG with its application to the business. #LI‑AM3
Our Values
Trust & Transparency | People First | Positive Experiences | Calm Persistence | Never Settling
At ACV, we are committed to an inclusive culture in which every individual is welcomed and empowered to celebrate their true selves. We achieve this by fostering a work environment of acceptance and understanding that is free from discrimination. ACV is committed to being an equal opportunity employer regardless of sex, race, creed, color, religion, marital status, national origin, age, pregnancy, sexual orientation, gender, gender identity, gender expression, genetic information, disability, military status, status as a veteran, or any other protected characteristic. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you have a disability or special need that requires reasonable accommodation, please let us know.
For information on our collection and use of your personal information, please see our Privacy Notice.
No immigration or work visa sponsorship provided for this position.
Compensation
The compensation range for this position is listed in the Job Details section at the bottom of this posting. Please note that final compensation will be determined based upon the applicant’s relevant experience, skill set, location, business needs, market demands, and other factors as permitted by law.
#J-18808-Ljbffr