Principal Information Security Operations Engineer

at CarGurus
๐Ÿ‡บ๐Ÿ‡ธ United States - Remote
๐Ÿ”’ Cybersecurity๐ŸŸก Principal

Job description

Who we are

At CarGurus (NASDAQ: CARG), our mission is to give people the power to reach their destination. We started as a small team of developers determined to bring trust and transparency to car shopping. Since then, our history of innovation and go-to-market acceleration has driven industry-leading growth. In fact, weโ€™re the largest and fastest-growing automotive marketplace, and weโ€™ve been profitable for over 15 years.

What we do

The market is evolving, and we are too, moving the entire automotive journey online and guiding our customers through every step. That includes everything from the sale of an old car to the financing, purchase, and delivery of a new one. Today, tens of millions of consumers visit CarGurus.com each month, and ~30,000 dealerships use our products. But they’re not the only ones who love CarGurusโ€”our employees do, too. We have a people-first culture that fosters kindness, collaboration, and innovation, and empowers our Gurus with tools to fuel their career growth. Disrupting a trillion-dollar industry requires fresh and diverse perspectives. Come join us for the ride!

Role overview

Weโ€™re seeking a Principal Security Engineer, Operations who will lead the design, development, and operation of scalable detection and defensive security controls across our cloud-first and hybrid environments. This individual will be a key technical leader within the Information Security team, responsible for evolving our threat detection, response, and prevention capabilities. The ideal candidate has deep experience in both red and blue team methodologies and exercises, with a proven ability to think like an attacker while building resilient detection infrastructure that scales.

This role is foundational to our cloud and infrastructure security strategy programs and will help define the future of our threat detection architecture.

What you’ll do

  • Evaluate, advise, and deploy new security technologies alongside other technologies Information Security and peer partners (e.g. Platform Engineering, IT).
  • Design, architect, and implement scalable detection pipelines across cloud (e.g. AWS, Azure, GCP) endpoints, identity, DLP, and SaaS platforms that support proactive threat identification and response.
  • Mature our Security Information and Event Management (SIEM) and centralized logging capabilities, focusing on enrichment, correlation, and high-signal detections.
  • Develop detection-as-code practices and CI/CD pipelines for deployment and tuning of detection logic.
  • Make thoughtful long-term architectural design and strategy decisions for ourย  Cloud Native Application Protection Platform (CNAPP) to ensure coverage, efficiencies and reduce false positives while maintaining continuity across multiple infrastructure environments.
  • Work with infrastructure-as-code (IAC) technologies to establish automated security configurations for platform hardening and cloud-native control enforcement.
  • Collaborate closely with AppSec offensive security, and Cloud Engineering teams to identify detection opportunities and test control efficacy.
  • Partner with our Technical Leadership Team (TLT) to provide feedback and guidance related to security operational decisions to support the product development of our platform.
  • Implement necessary security changes to support our Identity Governance Access (IAG) program and Role-Based Access Control (RBAC) models.
  • Contribute to third-party vulnerability and penetration testing engagements and feed learnings into the broader detection engineering strategy.
  • Continuously improve our vulnerability management program by triaging issues and identifying gaps in pre-production versus post-production detection.
  • Ensure alignment to industry frameworks such as CIS Controls, ISO 27XXX, and NIST, embedding defensible security practices across the stack.
  • Act as the Incident Commander of the Security Incident Response Team (SIRT), overseeing triage, containment, and forensics during investigations.

What you’ll bring

  • 7+ years in detection engineering, security operations, or a similar role, with a strong track record building detection logic in large-scale or cloud-native environments.
  • Experience architecting and deploying detection pipelines across platforms like AWS, GCP, or Azure using tools such as Chronicle, Splunk, Panther, or open-source equivalents.
  • Strong red + blue team mindset: you think like an attacker and build defenses that go beyond surface-level detection.
  • Expertise in cloud control plane monitoring, identity threat detection, and infrastructure log analysis.
  • Deep familiarity with adversary TTPs (MITRE ATT&CK), anomaly-based detection techniques, and event correlation strategies.
  • Experience operationalizing detection-as-code pipelines (e.g., CI/CD for detection logic).
  • Ability to communicate detection priorities and incident insights to technical and non-technical stakeholders.
  • Authored and maintained infrastructure security policies, standards, and procedures
  • History of working on a Security Incident Response Team (SIRT) investigating events, triaging potential incidents, containing environments, conducting forensics analysis
  • Experience evaluating, running PoCs, and deploying new security tooling solutions.

Working at CarGurus

We reward our Gurusโ€™ curiosity and passion with best-in-class benefits and compensation, including equity for all employees, both when they start and as they continue to grow with us. Our career development and corporate giving programs, as well as our employee resource groups (ERGs) and communities, help people build connections while making an impact in personally meaningful ways. A flexible hybrid model and robust time off policies encourage work-life balance and individual well-being. Thoughtful perks like daily free lunch, a new car discount, meditation and fitness apps, commuting cost coverage, and more help our people create space for what matters most in their personal and professional lives.

We welcome all

CarGurus strives to be a place to which people can bring the ultimate expression of themselves and their potentialโ€”starting with our hiring process. We do not discriminate based on race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation. We foster an inclusive environment that values people for their skills, experiences, and unique perspectives. Thatโ€™s why we hope youโ€™ll apply even if you donโ€™t check every box listed in the job description. We also encourage you to tell your recruiter if you require accommodations to participate in our hiring process due to a disability so we can provide the appropriate support. We want to know what only you can bring to CarGurus. #LI-Hybrid

Share this job:
Please let CarGurus know you found this job on Remote First Jobs ๐Ÿ™

Similar Remote Jobs

Latest Jobs at CarGurus

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service ๐Ÿ™

Apply