Listing Description
Credit Acceptance is proud to be an award-winning company! Our history of excellence and growth has resulted in many exciting career opportunities. For the 7th year in a row, we have been named one of Fortune Magazine’s 100 Best Companies to Work For. Our team members have created a world-class culture that promotes a positive workplace and drives us to succeed, making us one of the largest used car finance companies nationally.
Our IT and Analytics Team Members utilize the latest technology to develop, monitor, and maintain complex practices that help optimize our success. Our Team Members value being challenged, are encouraged to express their ideas, and have the flexibility to enjoy work life balance. We build intrinsic value by partnering with all functions of our business to support their success and make strategic business decisions. We focus on professional development and continuous improvement while enjoying a casual work environment and Great Place to Work culture!
The Senior Application Security Analyst would be responsible for assisting team efforts to maintain and automate application security and DevOps tools and collaborate with development teams in identifying and building solutions to secure code. They will also be responsible for performing periodic risk assessments & reviews to assess security vulnerabilities & identify the best way to reduce information security risks. Analyze system changes to ensure compliance with established policies and identify policy and legal changes that will necessitate changes to internal systems.
Outcomes & Activities:
Perform application security assessments for new and existing applications
Document and report application vulnerabilities and suggest mitigations
Develop and manage a repeatable secure development process
Analyze industry security threats and develop strategies to detect and mitigate
Possess the ability to discuss and present technical solutions to all levels of the business
Competencies:
Business Domain: Understands Credit Acceptance’s business model, operations and business terminology.
Continuous Improvement/Innovation: Identifies, recommends and advocates for improvement opportunities for existing standards, policies and processes.
Value Assessment: Prioritizes and identifies more critical and less critical activities and tasks; adjusts priorities as appropriate.
Active Listening: Understands what is being said and the context in which it is being said.
Collaboration/Customer Focus: Treats everyone like a customer and collaborates with them to clarify and achieve objectives.
Verbal Communication: Speaks in a clear, concise, organized, and effective manner for the intended audience.
Written Communication: Writes in a clear, concise, organized, and effective manner for the intended audience.
Accountability/Ownership: Takes responsibility for delivering the work product.
Escalation: Recognizes areas of risk and escalates through the correct channels in a timely manner.
Time Management: Effectively manages time and resources to ensure that work is completed efficiently.
Critical Thinking: Understands complex information coming from different sources to evaluate, reconcile conflicts and determine the best possible outcomes.
Impact Analysis: Understands the rationale behind changes and how they impact the enterprise and/or applications and across the technical ecosystem.
Solution Design: Ability to translate high-level requirements to create and implement designs that are technically sound, maintainable, cost-effective and meet the needs of the customer.
Technical Domain: Has an understanding of the technical domain including application architecture, design and data.
Requirements:
Bachelor’s degree or equivalent in Computer Science, Information Technology or closely related field of study
Minimum of 5 years in a position in Information Technology
Minimum 3 years in Information Security
Strong knowledge of application security testing (SAST and DAST) and DevOps tools
Excellent knowledge in application development and security analysis
Hands-on experience with OWASP Top 10 standards, including mitigation of common threats like SQL Injection and Cross-Site Scripting
Familiarity with Sarbanes-Oxley, GLBA, ISO 27001, HIPAA
Experience with project management, and enterprise-level deployments & upgrades
Ability to lead development group discussions on vulnerability mitigation, good coding practices, and security risks
Participate in an on-call (24x7) rotation
Targeted Compensation: $82,500 - $110,000
Our Company Values:
To be successful in this role, Team Members need to demonstrate the characteristics of PRIDE in their work:
Positive: Maintain a positive attitude by focusing on solutions and promoting a collaborative and enjoyable environment.
Respectful: Value teamwork, share successes, appreciates others and communicates in a way that promotes trust.
Insightful: Make timely well considered decisions, create innovative solutions and continuously learn.
Direct: Communicate clearly and objectively; don’t be afraid of difficult conversations. Raise concerns through the proper channels.
Earnest: Be honest, sincere and consistent. Work hard and pursue our goals together relentlessly.
Expectations:
Work onsite at the assigned Credit Acceptance work location or territory
Remain compliant with our policies processes and legal guidelines
All other duties as assigned
Attendance as required by department
Interested?
Does this position align with your career goals? Do you meet the required qualifications? Do our PRIDE values resonate with you? Perfect! We want to hear from you.
Advice!
We understand that your career search may look different than others. Our hiring team wants to make sure that this would be a fit not just for us, but for you long term. If you are actively looking or starting to explore new opportunities, send us your application!
P.S.
We have great details around our stats, success, history and more. We’re proud of our culture and are happy to share why – let’s talk!
Required degrees must have been earned at institutions of Higher Education which are accredited by the Council for Higher Education Accreditation or equivalent.
Credit Acceptance is an equal opportunity employer.
California Residents: Please click here for the California Consumer Privacy Act (CCPA) notice regarding the personal information Credit Acceptance may collect from you.Perform application security assessments for new and existing applications
Document and report application vulnerabilities and suggest mitigations
Develop and manage a repeatable secure development process
Analyze industry security threats and develop strategies to detect and mitigate
Possess the ability to discuss and present technical solutions to all levels of the business
Listing Details
- Salary: $90000 - $110000
- Citizenship: Us Citizen
- Incentives: Bonus
- Education: Bachelors Degree
- Travel: No Travel
- Telework: No Telecommute