Threat Detection and Response Engineer II
About The Position
CarGurus is looking for a Security Engineer II to add to our growing Threat Detection and Response (TD&R) Team. This is a hands-on technical role that will build our first line of defense against cybersecurity threats in a complex and evolving landscape. You will be responsible for our detection and response lifecycle, identifying and preventing threats from impacting our employees, customers and other stakeholders. As a Security Engineer II, you will have the opportunity to build a platform to identify and stop threats, work with data to solve complex security challenges, and serve as the primary defender for the CarGurus ecosystem.
Requirements
- 3+ years of experience in software, security, and/or data engineering
- Strong desire to apply the latest technology including AI and ML to defend against threats
- Experience with data pipelines and data engineering, especially centralized logging, SIEM tools, and data lakes
- Desire to measure the success of your work with quantitative tools like Precision and Recall
- Experience in at least one programming language like Python, Go or similar
- Experience with cloud infrastructure and technologies like AWS, Kubernetes, containers, IaC, etc
- Experience with good engineering practices like git/GitHub and CI/CD automations
- Familiarity with tactics, techniques, and procedures used by threat actors
- Familiarity detecting and responding to cybersecurity incidents
- Strong passion for continuous learning, especially relating to cybersecurity and technology
- Team player with strong oral and written communication skills
Responsibilities
- Build tools and techniques to detect threats to the company using an engineering-first approach that prioritizes reliability, maintainability and scalability
- Leverage AI and automation to streamline detection and response operations in a safe and reliable manner
- Onboard, normalize and optimize security logging data to support detection engineering, applied ML models, and efficient querying during incidents.
- Develop high-fidelity, rule-based and ML-driven detections as code, utilizing automated testing and CI/CD pipelines for deployment.
- Respond to alerts, threats, and security incidents, including participating in on-call rotations
- Monitor the threat landscape to identify and track emerging threats, ensuring that appropriate detective and preventative controls are deployed
- Partner with development teams to design controls for a cloud first infrastructure (AWS, Kubernetes, etc)
Benefits
- equity for all employees, both when they start and as they continue to grow with us
- career development and corporate giving programs
- employee resource groups (ERGs) and communities
- flexible hybrid model
- robust time off policies
- daily free lunch
- new car discount
- meditation and fitness apps
- commuting cost coverage
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
