Sr. Security Engineer

The Senior Security Engineer will support the establishment of FCP Euro's inaugural security function from the ground up, serving as the foundational technical authority for building comprehensive security capabilities. In this role, you will lead initiatives to harden system configurations, integrate advanced threat detection and prevention tools, and rigorously enforce secure coding practices. You will also conduct in-depth security assessments, facilitate continuous vulnerability management, drive incident response strategies, and collaborate closely with cross-functional teams to ensure our infrastructure, applications, and data are defended against evolving threats. The ideal candidate will have the vision and technical expertise to transform an undefined security landscape into a robust, mature security program that proactively defends against evolving technological risks.

FCP Euro is an online automotive parts retailer headquartered in Milford, Connecticut. FCP stands for "Foreign Car Parts," we specialize in replacement parts for European vehicles.  In the past 10 years, FCP Euro has earned a spot on the Inc. 5000 fastest-growing private companies list eight times. Customer service is deeply rooted in our core values.  FCP Euro is a customer and technology company, and this unique blended culture has yielded outstanding results worthy of reward and recognition. We are devoted to developing and maintaining user-friendly and accurate automotive catalogs. We have an incredible enthusiasm for what we do, and we are always looking for ways to grow, learn, and improve. 

Key Responsibilities

Security Architecture & Design:

• Architect and implement scalable security controls, including firewalls, intrusion detection/prevention systems, web application firewalls, and SIEM platforms.
• Develop reference security architectures and hardening guidelines to ensure a consistent, secure baseline for systems and services. 

• Conduct configuration reviews, secure system baselines, and ensure all platforms—on-premises and cloud—adhere to industry best practices.
• Enforce secure coding and deployment standards through code reviews, tooling, and collaboration with DevOps/Engineering teams. 

• Integrate advanced threat detection tools, automated alerting, and forensic capabilities into our environment.
• Lead incident response efforts, including triage, root-cause analysis, and containment, as well as post-incident reviews to prevent future compromises. 

• Continuously assess, prioritize, and remediate vulnerabilities across systems, networks, applications, and APIs.
• Conduct regular security assessments (e.g., penetration tests, red team exercises) and track remediation efforts to closure.

• Implement robust encryption strategies for data at rest and in transit.
• Manage cryptographic keys, certificates, and secrets to maintain the integrity and confidentiality of sensitive information. 

• Align security controls with industry standards and frameworks (e.g., NIST, PCI, CCPA, GDPR).
• Collaborate with compliance and risk teams to ensure adherence to regulations such as GDPR, CCPA, or PCI-DSS as applicable. 

• Work closely with cross-functional teams—Engineering, IT, Data, Product, Legal, and Compliance—to drive security initiatives and influence security roadmaps.
• Mentor junior security staff, share best practices, and contribute to knowledge-sharing within the organization. 

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field
• 7+ years of progressive experience in cybersecurity, with at least 3 years in a senior or lead security role
• Proficiency in modern security technologies (e.g., EDR, SIEM, WAF, IAM solutions) and cloud platforms (AWS, Azure, GCP).
• Strong programming or scripting skills (e.g., Python, Go, Bash) to automate security tasks.
• Deep understanding of OS hardening, network security, cryptography, and secure software development practices.
• Advanced certifications such as CISSP, GSEC, OSCP, or other relevant security certifications.
• Strong understanding of network security, application security, and risk management
• Proven track record of implementing security solutions in e-commerce or high-transaction volume environments
• Advanced knowledge of security frameworks and compliance standards
• Exceptional problem-solving abilities, attention to detail, and analytical thinking.
• Excellent communication skills to convey complex security concepts to both technical and non-technical stakeholders. 

• Company-subsidized Medical, Dental, and Vision insurance.
• 15 days of PTO (Paid Time Off), Company Holidays and sick time.
• 401k with Company deposit and match.
• Discounted prices on our catalog of European car parts!

Compensation:

This is an exempt salaried role with a base salary of $120,000 - $150,000 depending on experience, with a total compensation opportunity of $131,220 - $164,000 annually. 

FCP Euro provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination or harassment of any kind on the basis of race, color, religion, sexual orientation, sex, gender identity or expression, national origin, cultural heritage, ancestry, political belief, age, marital status, family status, pregnancy, physical or mental disability, intellectual disability, learning disability, veteran status or any other characteristic protected by the law.