Security Engineer II

Job Description

Tekion is seeking a Security Engineer II to join its Product Security Engineering function. The company is disrupting the automotive industry with its cloud-native platform and is expanding its security team to integrate security into all phases of the SDLC. The role involves driving secure-by-design principles, building security automation tools, enhancing cloud infrastructure security, developing secure coding patterns, and partnering with development teams to identify and remediate security risks.

Responsibilities:

• Driving secure-by-design principles across web, mobile, cloud, and IoT systems.
• Building and maintaining security automation tools for CI/CD pipelines.
• Enhancing cloud infrastructure security posture at scale.
• Developing secure coding patterns, libraries, and guardrails for developers.
• Partnering with dev teams to identify and remediate security risks early (“shift-left” mindset).
• Conducting architectural reviews and risk assessments for new features or products.
• Assist engineering teams in performing threat modeling and working with them for effective mitigation techniques.

Requirements:

• Strong understanding of information security fundamentals.
• Hands-on experience with secure coding, DevSecOps, and security automation.
• Familiarity with application architecture, threat modeling, CI/CD pipelines, infrastructure-as-code (IAC), serverless, IAM, and cloud-native security.
• Experience integrating security controls into developer workflows.
• Ability to interpret penetration testing results.
• Comfortable collaborating across teams and challenging assumptions constructively.
• Solution-oriented, pragmatic, and focused on scalable risk mitigation.
• Proficiency in at least one programming language (Python, Bash, Java, etc.) for tool development and automation.