Canoo Technologies Inc.

Senior IT Security Engineer

Information Technology
Full Time
Location : Location

About Canoo

About Canoo

 Canoo’s mission is to bring EVs to Everyone and build a world-class team to deploy this sustainable mobility revolution. We have developed breakthrough electric vehicles that are reinventing the automotive landscape with pioneering technologies, award-winning designs, and a unique business model that spans all owners in the full lifecycle of the vehicle. Canoo is starting production in 2022 and is distinguished by its pioneering and experienced team of technologists, engineers, and designers. With offices around the country, the company is scaling quickly and seeking candidates who love to challenge themselves, are motivated by purpose, and possess a strong desire to get things done.


The “Canoo Way”

 Canoo’s success is the direct result of our disciplined application of our core operating principles and drills, which are based on three main principles: Think 80/20 (“Important versus less important”), Act 30/30 (“Reduce waste and increase output”), and Live 90/10 (“We have each other’s back”). We hire based on “MET” - Mindset, Equipment and willingness to Train - and seek individuals that take accountability and deliver results while being Humble, Hungry to succeed, and Hunting for opportunities to win. We train our team to engage with each other by modulating between their intellect (iQ) and emotional intelligence (eQ), applying Facts, Finesse, and Force when they communicate. The principles and drills of the CANOO Way have been fundamental to our success, our ability to grow, continuously improve, innovate and are at the core of our day-to-day operations.


The Senior IT Security Engineer is responsible for managing the daily security operations at Canoo.  This role will be a hands-on role focused on reporting, threat analysis, compliance, and providing best practice security direction to the IT departments.  This role will also work with technologies from Palo Alto, Cisco, Meraki, and AWS.


Designs, implements, maintains, and operates Canoo’s security controls including, but not limited to:

  • Follows a standard methodology to identify and/or detect threats to the IT infrastructure, applications, and other information assets
  • Works with various teams to follow a pre-assessment plan/ and assessment schedule for every assessment, conduct threat assessment, and deliver an assessment report
  • Demonstrate sustainability of newly implemented tools and processes in areas including vulnerability management

Performs incident response operations and investigations including, but not limited to:

  • Identify, contain, mitigate, recover, and report on cyber-security incidents affecting the enterprise and business
  • Analyze and investigate adverse events and incidents using an enterprise security information and event monitoring (SIEM), logs from firewalls, IPS, servers, endpoints, and other network devices to determine threats, attack vector, scope of activity, and appropriate response
  • Collaborate and coordinate with peers and business unit teams as needed to analyze and respond to adverse events and incidents


 Required Experience

  • Working knowledge of Palo Alto projects – firewalls
  • AWS experience with security best practices
  • Azure Threat Protection
  • Knowledge of securing containers and other services in the cloud
  • Configure and operate discovery tools and services to enumerate and map enterprise networks
  • Configure and operate enterprise vulnerability assessment and configuration assessment tools (i.e. Tenable) and integrate their output into downstream systems
  • Validate vulnerability findings for false positives and negatives, and document findings for future use
  • Develop repeatable and automated means for identifying the responsible owner for each system affected by a vulnerability and points of contact for remediation
  • Work with remediation owners to test effectiveness and ease of solution deployments
  • Review exception requests received from product owners to enumerate risks associated with certain vulnerabilities
  • Drive remediation of security risks including tracking of issues and action plans, and partner with patch coordination teams, technology/application owners, and business units to prioritize and enhance remediation efforts
  • Group and prioritize remediation findings in a manner that increases efficiency
  • Support the development and acquisition of data to inform vulnerability management metrics
  • Comprehensively document all aspects, technical and otherwise, of project implementations

 Preferred Experience 

  • Associate or Bachelor’s degree in Computer Science, or equivalent experience
  • CISSP preferred, but not required
  • Previous firewall management preferred
  • Minimum five (5) years in Information Technology Security

What's Cool About Working Here...

  • Meaningful, challenging work that will redefine automotive landscape and make EVs available to everyone
  • Comprehensive Health Insurance
  • Equity Compensation
  • Flexible Paid Time Off
  • Casual workplace with an unbelievable feeling of energy

Canoo is an equal opportunity-affirmative action employer and considers all qualified applicants for employment based on business needs, job requirements and individual qualifications, without regard to race, color, religion, sex, age, disability, sexual orientation, gender identity or expression, marital status, past or present military service or any other status protected by the laws or regulations in the locations where we operate. We also consider qualified applicants with criminal histories consistent with applicable federal, state and local law.


Any unsolicited resumes or candidate profiles submitted in response to our job posting shall be considered the property of Canoo Inc. and its subsidiaries and are not subject to payment of referral or placement fees if any such candidate is later hired by Canoo unless you have a signed written agreement in place with us which covers the applicable job posting. 


Canoo cares deeply about the safety of all candidates who may be asked to participate in an in-person interview. While the company remains operational, some of our positions are remote, while others require working on-site. Canoo is following the Covid-19 protocols set forth by local state and federal governance and the CDC guidelines. Candidates who are vaccinated will be asked to provide a copy of proof of vaccination upon arrival for the interview. Candidates who are not vaccinated will be asked to provide proof of a negative Covid-19 test that is no less than 48 hours old. We ask that you practice hand hygiene, social distance, and wear face coverings to reduce the risks of exposure to Covid-19. We appreciate your cooperation with our safety protocols while you explore your future with Canoo!


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed