Information Security Operations Engineer II

Headquartered in Boston, Massachusetts, CarGurus is the all-in-one platform that’s moving the entire car shopping journey online and guiding customers through each step. This includes everything from selling an old car to financing, purchasing, and delivering a new one. Today, millions of consumers visit cargurus.com each month, and more than 30,000 dealerships use our products. We have a people-first culture that fosters kindness, collaboration, and innovation, while empowering our Gurus with tools and resources to fuel their career growth. Our goal is to give all people—consumers, dealers, and our employees—the power to reach their destination.
Job Description
Role overview
Car shopping is complicated. At CarGurus, we use data and technology to make it simple, giving people the tools they need to confidently find, buy, finance, or sell a car. The best part? Our work makes a real impact. We’re the most-visited car-shopping site in the US and we are growing fast in our international markets. Ready to come along for the ride?
Our Information Security Operations Engineer II will report into our Security Operations Manager and be responsible for securing the organization’s infrastructure. You will closely collaborate with other Security Engineers to continuously improve and develop our digital security posture. This includes managing alerts, incidents, and projects focused on the holistic security of CarGurus cloud infrastructure and corporate endpoints.
Our SecOps Engineer will be utilizing our CSPM, security logging, monitoring and SIEM solutions, and acting as one point of contact for the security incident response team (SIRT). Monitoring, triaging and remediating security events while simultaneously improving threat detection logic is imperative to helping reduce risk exposure to our business.
What you'll do
70% Security Operations
- Manage escalations from security tools (SIEM, CSPM) and our MDR provider, responding to alerts, and improving processes.
- Monitor and manage security alerts across a variety of systems, including:
+ Operating Systems
+ Firewalls
+ VPNs
+ DLP
- Monitor and manage security alerts across our cloud infrastructure, via our CSPM tooling.
- Evaluate new security products and solutions
- Build and deploy SOAR automated responses.
- Support our Vulnerability Management Program, including monitoring and updating tools and systems.
20% Security Incident Response
- Provide Technical Support and Oversight to incident response activities
- Respond to incidents, including:
+ Account takeover
+ Fraud
+ Malware
+ DDoS and other Web-based attacks
+ Internal Data Abuse
- Improve the incident response process by writing clear and constructive retrospectives
- Participate in Tabletop Exercises
- Participate in business continuity and disaster planning
10% Vulnerability Management
- Provide support to the Security Operations Vulnerability Management Program
What you'll bring
- Bachelor’s Degree or equivalent combination of education and experience in Information Security, Computer Science, Management Information Systems or related curriculum
- 3-5 years of experience securing cloud agnostic infrastructure (AWS, Azure, GCP) and datastores (MySQL, MongoDB, RDS) including use of automation and container deployment (Docker, Kubernetes, Terraform, Chef, Puppet)
- Experience managing an IDS, SIEM and vulnerability management solutions in a hybrid environment
- Proficient in system hardening and patch management strategies
- History of working on a Security Incident Response Team (SIRT)
- Familiarity with security frameworks and risk-based security programs
- Proactively tie technical security risks to tactical organizational activities and goals
- Clearly articulate issues and communicate in an effective and personable manner
- Adjust quickly to the security needs of a highly agile organization
- Build relationships across multiple business units to inform and educate on security best practices