Senior DevOps Engineer

CarGurusBoston, MA
Hybrid

About The Position

CarGurus is seeking a Senior DevOps Engineer to join our Cloud Enablement team. This team builds and operates the cloud platform capabilities, automation, and guardrails that help engineering teams provision infrastructure, deploy services, and work securely in the cloud with less friction. In this role, you will contribute to the design, implementation, and operation of scalable platform services that improve developer experience, strengthen reliability, and support self-service infrastructure across the company. We are looking for an engineer who is hands-on, execution-oriented, and motivated by building practical solutions that other engineers rely on every day.

Requirements

  • 4+ years of experience in a hands-on DevOps, platform engineering, or cloud infrastructure role, performing the core responsibilities of this position.
  • Significant experience operating production workloads in AWS including IAM, S3, Lambda, EKS, ElastiCache, EC2, and related services.
  • Comfortable reasoning about security, cost, and reliability trade-offs at platform scale.
  • High proficiency with Terraform, including HCP Terraform, remote state, module design, and workspace governance.
  • Hands-on experience with Sentinel and/or Semgrep for policy-as-code enforcement.
  • Practical experience with HashiCorp Vault dynamic secrets, PKI/CA, AppRole/Kubernetes auth, or transit encryption.
  • Experience migrating workloads from static credentials to short-lived credential models.
  • Deep experience with GitHub Actions runner infrastructure, composite actions, GHES/GHEC, and supply-chain security practices.
  • Familiarity with CircleCI or similar pipeline systems.
  • Ability to reason about cloud cost attribution, resource tagging strategies, and FinOps tooling (e.g., CloudZero, AWS Cost Explorer).
  • Familiarity with Amazon Bedrock, LLM API cost structures, and basic governance considerations (spend attribution, access controls).
  • Proficiency in at least one scripting/programming language (Python, Go, or similar) for building automation, CLI tooling, and platform integrations.
  • Able to distill complex technical problems into clear design docs, written proposals, and stakeholder-facing summaries.
  • Comfortable working across teams to align on shared technical boundaries.

Responsibilities

  • Own the technical execution and delivery of significant platform capabilities.
  • Author design docs and contribute to Architecture Decision Records (ADRs) for team-level decisions.
  • Lead complex, multi-sprint initiatives (e.g., Vault dynamic secrets rollout, GitHub Actions maturity, AWS Sandbox self-service) end-to-end through to production.
  • Manage HCP Terraform workspaces, the Terraform module registry, and Sentinel/Semgrep policy implementations.
  • Calibrate hard vs. advisory guardrails, eliminate false positives, and expand coverage as new resource types onboard to self-service.
  • Accelerate Vault adoption across CarGurus workloads — handling dynamic secrets, PKI/CA, transit encryption, and AWS dynamic IAM credentials.
  • Execute the tactical roadmaps toward zero standing long-lived credentials in production.
  • Maintain and operate our governed Amazon Bedrock platform, implementing per-team access controls, cost attribution, anomaly detection, and self-service access patterns.
  • Assist in extending governance to developer AI tooling (Claude Code, Copilot) as adoption scales.
  • Expand the AWS self-service catalog and paved-path IaC offerings so teams can provision, operate, and own cloud resources independently.
  • Monitor adoption metrics and use feedback to prioritize the next platform investments.
  • Execute GitHub Actions maturity initiatives including GitHub Connect adoption, org-scoped runner observability, bundled action governance, CircleCI adoption and migration, and pipeline supply-chain hardening.
  • Ensure teams can deliver reliably on modern, self-owned CI/CD infrastructure.
  • Actively grow teammates' capabilities through thorough code and IaC reviews, pairing on complex problems, and sharing context and patterns that help the immediate team move more independently.
  • Contribute to team coding standards and documentation.
  • Partner with adjacent teams (Cloud Infrastructure, SRE, DevX, and product engineering) to align on technical concerns at team boundaries.
  • Represent Cloud Enablement's perspective clearly in shared discussions and help resolve integration ambiguity.
  • Participate in the team's on-call rotation and incident response.
  • Apply incident learnings to improve platform reliability and reduce toil for the team and its customers.
  • Actively incorporate AI tooling (Claude Code, GitHub Copilot, Amazon Q) into your engineering workflow — from generating and reviewing IaC to accelerating architecture exploration and incident triage.

Benefits

  • Equity for all employees, both when they start and as they continue to grow with us.
  • Career development programs
  • Corporate giving programs
  • Employee resource groups (ERGs) and communities
  • Flexible hybrid model
  • Robust time off policies
  • Daily free lunch
  • New car discount
  • Meditation and fitness apps
  • Commuting cost coverage
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service