Security Operations Engineer II

Credit Acceptance is proud to be an award-winning company with local and national workplace recognition in multiple categories! Our world-class culture is shaped by dedicated Team Members who share a drive to succeed as professionals and together as a company. A great product, amazing people and our stable financial history have made us one of the largest used car finance companies nationally.

Our Engineering and Analytics Team Members utilize the latest technology to develop, monitor, and maintain complex practices that help optimize our success. Our Team Members value being challenged, are encouraged to express their ideas, and have the flexibility to enjoy work life balance. We build intrinsic value by partnering with all functions of our business to support their success and make strategic business decisions.

We focus on professional development and continuous improvement while enjoying a casual work environment and Great Place to Work culture!

Outcomes and Activities

• This position will work from home; occasional planned travel to an assigned Southfield, Michigan office location may be required. However, this position

Information Security

• is permitted to work at a Southfield, Michigan office location if requested by the team member
• Operate and tune enterprise security tools (EDR, SIEM/SOAR, WAF/proxy, email security).
• Manage proxy filtering policies, exceptions, SSL inspection, and performance troubleshooting.
• Build automation and playbooks (Python/Power Shell, SOAR, APIs) to streamline Sec Ops tasks.
• Implement CI/CD pipelines and Infrastructure-as-Code workflows for consistent, auditable security configuration changes.
• Author and tune detection rules; improve signal quality and reduce false positives.
• Maintain and author health dashboards, uptime/coverage metrics, and change governance documentation.
• Conduct knowledge transfers through runbooks, how-to guides, tabletop exercises, and lunch & learn training sessions.
• Maintain upgrade schedules, license compliance, configuration baselines, and key/secret rotations.
• Administer URL/category policies, SSL inspection, identity-aware policies, geo/risk-based controls, and performance troubleshooting.
• Analyze block events for false positives; measure impact; retire exceptions on schedule and report residual risk.
• Build and maintain an automation backlog in partnership with Sec Ops, prioritizing high-frequency, high-toil tasks.
• Provide on-call support for tooling availability and ingestion/normalization issues.
• Report on metrics (uptime, coverage, MTTR, lead time, change success rate, exception aging).
• Keep documentation, diagrams, and asset inventories current.
• As needed, monitor and respond to alerts raised by various toolsets as part of an ongoing 24/7 Security Operations Center.
• Report outages or incidents following guidelines and procedures.
• Detect, analyze, and respond to incidents, coordinate with other stakeholders for containing, eradicating, and recovering from an incident.

• Assist in developing testing criteria to implement new signatures/rules.

Other

• Perform all other duties as assigned.
• Participate in on-call rotations, including nights, weekends, and holidays.
• Remains compliant with our policies, processes and legal guidelines.
• Works primarily remotely with some occasional travel to a Credit Acceptance building.

Competencies:

• Customer Empathy: Customer Empathy is the ability to understand the perspectives, pain points, and experiences of customers. It involves actively putting oneself in the customer's shoes, comprehending their needs and challenges, and using that understanding to provide a better, more customer-centric experience.
• Engineering Excellence: Engineering Excellence is about bringing great craftsmanship and thought leadership to deliver an outstanding product that delights customers and solves for the business. This involves the pursuit and achievement of high standards, best practices, innovation, and superior solutions.
• One Team: A One Team mindset refers to a collaborative approach across the organization, where individuals work together seamlessly, without boundaries, as a single, cohesive team. Shared goals, open communication and mutual support create a sense of collective purpose. This enables teams to navigate challenges and pursue shared objectives more effectively.
• Owner's Mindset: Owner's Mindset involves adopting a set of behaviors that reflect a sense of responsibility, accountability, strategic thinking, and a proactive approach to managing your domain. As…