Principal Information Security Operations Engineer

Headquartered in Boston, Massachusetts, CarGurus is the all-in-one platform that’s moving the entire car shopping journey online and guiding customers through each step. This includes everything from selling an old car to financing, purchasing, and delivering a new one. Today, millions of consumers visit cargurus.com each month, and more than 30,000 dealerships use our products. We have a people-first culture that fosters kindness, collaboration, and innovation, while empowering our Gurus with tools and resources to fuel their career growth. Our goal is to give all people—consumers, dealers, and our employees—the power to reach their destination.
Job Description
Role overview
This role is fundamental to designing the preventative security control programs, and operating the detective ones, for our cloud and corporate infrastructure and products. It is a critical leadership role within the Information Security team and functions as a thought leader for infosec across the organization.
What you'll do
- Design, architect, and implement defensive security controls across on-prem and cloud environments (AWS, Azure, GCP) in accordance with CIS Controls and NIST frameworks
- Work with infrastructure-as-code technologies to establish automated security configurations to support platform hardening, security controls and policies in the infrastructure deployment pipeline
- Manage the Intrusion Detection System (IDS) and make the changes necessary for accurate threat detection and remediation of identified issues
- Scan, triage and remediate security vulnerabilities while continuing to mature the vulnerability management program
- Manage third-party vulnerability and penetration testing engagements
- Build out our Security Information and Event Management (SIEM) solution, incident response, and forensic capabilities
- Act as the Incident Commander of the Security Incident Response Team (SIRT)
What you'll bring
- 5-7 years of experience securing cloud-agnostic infrastructure (AWS, Azure, GCP) and datastores (MySQL, MongoDB, RDS), including use of automation and container deployment (Docker, Kubernetes, Terraform, Chef, Puppet)
- Extensive experience managing an IDS, SIEM and vulnerability management solutions in a hybrid environment
- Solid understanding of RBAC models and SSO solutions (SAML 2, OAuth 2, OIDC)
- Proficient in system hardening and patch management strategies
- Authored and maintained infrastructure security policies, standards, and procedures
- History of working on a Security Incident Response Team (SIRT): investigating events, triaging potential incidents, containing environments, and conducting forensic analysis