Information Security Architect
CarGurus is looking for a dynamic, experienced Information Security Architect to ensure our data is protected from all threats and vulnerabilities. The goal of the Information Security Architect is to engage with company leaders, colleagues, and vendors on security assurance while developing guidelines, templates, and tools used to secure our environment. You will use your passion for security to help shape and drive key initiatives throughout the organization.
What You’ll Do:
- Design and implement end to end security architecture for production systems, including security design analysis, risk management, data privacy compliance, vendor and application security assessments.
- Refine and identify new sources of data to aid in security monitoring and security investigations
- Drive security initiatives with cross-functional groups
- Manage vulnerability remediation processes including penetration testing tools techniques.
- Lead security design reviews and threat modeling for new features and functionality
- Incident response
- Participate in the development of materials to increase awareness of and adherence to security best practices
- Set up of systems and Infrastructure for successful audits
Who You Are:
- 7+ years of Information Security experience.
- An owner of Security policy and procedure with experience in a 24/7 commercial web product environment
- Experience working across web product and corporate systems & infrastructures
- Previous experience with implementing controls and partnering with Auditors specific to SOX
- A Technical Expert in network defense technologies, forensic tools, and active defense technologies
- Ability to partner with Software Engineering, Finance, and IT teams in applying best practices.