Engineer II, Cybersecurity

About this job

This position will be the subject matter expert on all platforms that fall into category of CarMax’s® assets to ensure the protection, integrity and confidentiality of customer, vendor, employee, and business information in compliance with organization policies and standards utilizing current information security technology disciplines and industry standards. This is a unique opportunity at a Fortune 200 company and national brand to expand and develop skills beyond current IAM focus to a broader skill and toolset in the security program.  This opportunity provides the ability to both lead implementation and improvements while also providing the opportunity for hands-on operation across the full suite of Identity security capabilities.  The Cybersecurity Identity and Access Management (IAM) Engineer performs all activities necessary to ensure we provide the right people and systems, the right access to the right systems for the right reasons.  This role interfaces with application, infrastructure, and network operations teams and develops the necessary procedures to maintain security and educates the user community.  The Cybersecurity Engineer also provides metrics, status reports, and audit results for key stakeholders while driving improvements and program maturity.

Essential Responsibilities:

• Desire to keep up with current technology and client industry
• Implement, develop, operate, and improve Identity Management solutions
• Provide functional and technical expertise on projects that require IAM services 
• Evaluate authorization and authentication policies 
• Perform evaluation and governance of IAM platforms and processes  
• Gather information from the business and IT department to develop security-related processes and procedures to continuously improve the security posture of CarMax 
• Assist in driving tasks and projects to successful completion through effective project management, customer interaction, and IT coordination 
• Effectively triage support problems and respond with the appropriate level of urgency
• Participate in a 24x7 on-call rotation as scheduled, and the ability to perform after hours support as needed 

Qualifications

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.  The requirements listed below are representative of the knowledge, skill, and/or ability required.  Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Technical Qualifications:

• Functional proficiency with at least one coding or scripting language: Java, PowerShell, Python, TypeScript
• User administration, authentication methods, groups, and domain concepts
• Industry protocol standards such as: LDAP, SAML, WS-Federation, OAuth, SCIM
• Experience with user provisioning, Access Management, Access Governance/Access Recertification (IGA), Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privilege Access Management (PAM)
• Excellent analytical, troubleshooting, and problem-solving skills and performs well in high pressure or stressful situations
• Excellent organization and time management skills 
• Excellent communication skills to include, but not limited to, verbal and written communication; delivering organized presentations; able to tailor message to the audience; and facilitate group discussions with diplomacy and seek diverse opinions
• Ability to effectively estimate the efforts of others and the impact required to accomplish requested tasks/projects
• Windows server and Red Hat Enterprise Linux Operating Systems 
• Cloud technology (SaaS, IaaS, PaaS) 

Education and/or Experience:

• 1-5 years of experience in information security or related field.
• Bachelor’s Degree in Computer Science, Engineering, Cybersecurity, or a related field or equivalent alternative education, skills, and/or practical experience is required.

• Certifications: CISSP, CISA, or Security+ preferred

Work Location and Arrangement:  West Creek: This role will be based out of the CarMax Home Office (Richmond, VA) and associates will work onsite 4 days per week. 

Work Authorization:  Applicants must be currently authorized to work in the United States on a full-time basis. Sponsorship will not be considered for this specific role.

About CarMax 

CarMax disrupted the auto industry by delivering the honest, transparent and high-integrity experience customers want and deserve. This innovative thinking around the way cars are bought and sold has helped us become the nation’s largest retailer of used cars, with over 250 locations nationwide. 

Our amazing team of more than 25,000 associates work together to deliver iconic customer experiences. Along the way, we help every associate grow their career and achieve their best, at work and in their community.  We are recognized for our commitment to training and diversity and are one of the FORTUNE 100 Best Companies to Work For®. 

Our Commitment to Diversity and Inclusion:  

CarMax is committed to bringing together people from different backgrounds and perspectives, providing employees with a safe, welcoming, and inclusive work environment. 

CarMax is an equal opportunity employer, and all qualified candidates will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, protected veteran status, disability status, or any other characteristic protected by law. 

Upon an applicant's request, CarMax will consider reasonable accommodation to complete the CarMax Job Application.

Upon an applicant's request, CarMax will consider reasonable accommodation to complete the CarMax Job Application.