Engineer II, Cybersecurity - CarMax

Key Responsibilities

• Serve as subject‑matter expert on all security platforms protecting company assets, ensuring confidentiality, integrity, and availability of customer, vendor, and employee data.
• Lead the design, implementation, and continuous improvement of IAM solutions, integrating them with broader security programs.
• Conduct threat detection, incident response, and forensic investigations, collaborating with cross‑functional teams to mitigate risks.
• Develop and maintain security architecture frameworks, policies, and standards aligned with industry best practices and regulatory requirements.
• Perform risk assessments and vulnerability management, recommending remediation strategies and tracking progress.
• Educate stakeholders on security posture, emerging threats, and compliance obligations.

Requirements

• 5+ years of experience in cybersecurity, with a strong focus on IAM and threat detection.
• Proficiency with security tools such as SIEM, SOAR, and identity governance platforms.
• Deep understanding of security frameworks (NIST, ISO 27001, CIS Controls) and regulatory compliance (GDPR, CCPA, PCI‑DSS).
• Excellent analytical, problem‑solving, and communication skills.
• Ability to work independently and collaboratively in a fast‑paced, enterprise environment.