Operations Specialist, Information Security
About Carvana
At Carvana, we’re changing the way people buy and sell cars. With an ambitious vision and a fundamentally different approach designed to be fun, fast, and fair, Carvana became the fastest-growing automotive retailer in history. We expanded nationally, went public on the New York Stock Exchange, sold our 1 millionth car, and reached the Fortune 500, all in just eight years.
Today, with 4 million retail customers and counting, Carvana is both the fastest-growing and the most profitable public automotive retailer, and we’re just getting started. We continue to raise the bar for our customers as we tackle the enormous opportunity still ahead in the largest consumer vertical.
Working here means being part of a team that embraces change, celebrates creative problem solving, and always strives to be better. At Carvana, you’ll have the opportunity to take on meaningful challenges, learn quickly, and help shape the future of automotive retail. If you’re driven to grow and make an impact as part of a collaborative team, you’ll fit right in. Learn more about what it’s like to work here from the people that already do.
About the team and position
We are looking for an Operations Specialist, Information Security to join our Information Security Team. In this role, you will play a pivotal role in safeguarding our digital infrastructure by deploying, maintaining and managing various security technologies deployed within the organization to identify, protect, detect, respond and recover from cyber risks, threats, and exposures. A successful candidate will be able to effectively integrate and manage multiple enterprise security technologies across our technology stack, drive significant risk reduction and enhance our overall security risk posture.
This Operations Specialist, Information Security role is built for someone early in their career who is curious, hungry to learn, and excited to get their hands on real security tooling across a modern cloud environment. You'll be mentored by experienced engineers while contributing real work from day one.
What you’ll be doing
- Support the day-to-day operations of our security tool stack - learning how each technology works, why it matters, and how to keep it healthy and producing actionable signals.
- Help correlate and analyze data across multiple security platforms to identify trends, gaps, and opportunities to reduce risk using a pragmatic, risk-based approach.
- Assist in triaging vulnerability and bug bounty findings, collaborating with engineering and product teams to track and drive timely remediation.
- Contribute to automation projects that eliminate repetitive manual tasks, including building and refining workflows in our agentic AI security platform.
- Support the evaluation of new security technologies by researching capabilities, documenting findings, and participating in proof-of-value testing.
- Partner with cross-functional stakeholders to communicate risk clearly and help prioritize remediation using a risk-based approach.
- Explore how AI can be applied to optimize existing security capabilities and surface insights faster and bring ideas to the team.
- Learn from senior engineers through structured mentorship, code reviews, and collaborative incident response exercises.
- Other duties as assigned.
What you should have
- At least 1 year of experience in information security, Information Technology, or a closely related field - internships, academic projects, and home labs all count.
- Basic familiarity with cloud environments (AWS, Azure, GCP, OCI) and an eagerness to learn cloud-specific threats and defenses.
- A foundational understanding of common attack techniques and the concepts behind defending against them.
- Exposure to scripting or automation in Python, Bash, or PowerShell, and curiosity about using AI coding assistants to build tooling.
- Strong analytical thinking - you enjoy breaking down a problem, forming a hypothesis, and testing the solution.
- Clear written and verbal communication skills; you can explain a technical concept to a non-technical stakeholder.
- Self-motivated with a bias toward action - you don't wait to be told what to do next.
- A genuine curiosity-driven mindset: you read security blogs, chase CVEs for fun, or tinker with capture-the-flag challenges.
Optional Requirements
- An entry-level security certification such as CompTIA Security+, Google Cybersecurity Certificate, or equivalent coursework or degree.
- Hands-on experience managing or configuring a security tool (SIEM, EDR, vulnerability scanner, etc.).
- Participation in CTF competitions, bug bounty programs, or security research of any kind.
What we’ll offer in return
- Full-Time Salary Position with a competitive salary.
- Medical, Dental, and Vision benefits.
- 401K with company match.
- A multitude of perks including student loan payments, discounts on vehicles, benefits for your pets, and much more.
- A great wellness program to keep you healthy and happy both physically and mentally.
- Access to training and conference opportunities as well as great on-the-job training.
- A company culture of promotions from within, with a start-up atmosphere allowing for varied and rapid career development.
- A seat in one of the fastest-growing companies in the country.
Other requirements
To be able to do your job at Carvana, there are some basic requirements we want to share with you.
- Must be able to read, write, speak, and understand English.
- Requires excellent visual acuity and manual dexterity.
Of course, we’ll make any reasonable accommodations for those with disabilities to perform the essential functions of their jobs.
Legal stuff
Hiring is contingent on passing a complete background check. This role is not eligible for visa sponsorship.
Carvana is an equal employment opportunity employer. All applicants receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, marital status, national origin, age, mental or physical disability, protected veteran status, or genetic information, or any other basis protected by applicable law. Carvana also prohibits harassment of applicants or employees based on any of these protected categories.
Please note this job description is not designed to contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.
Security pay context
Based on 1,711 disclosed Security salaries on RoleSuite, the role pays a median of $142K/year, with most offers between $114K and $178K (10th–90th percentile: $95K–$214K).
See the full Security salary breakdown →