Be essential at Cars Commerce
At Cars Commerce, we’re fanatical about simplifying everything about car buying and selling. We do right by our customers and consumers to better connect the industry with simplified and tierless technology to enhance, measure and drive local automotive retail. Whether through our No.1 most recognized marketplace, Cars.com, our industry-leading digital experience, Dealer Inspire, our trade and appraisal technology, AccuTrade, or our new Cars Commerce Media Network, Cars Commerce is essential for success in the automotive industry.
No one ever travels alone here: at its core, Cars Commerce is collaboration. In fact, it’s built into the very fabric of our shared values. We like to say we Rise Together – putting people at the center of what we do, from consumer to customer to community. Life at Cars Commerce makes it easy when we share the ethos to be Open to All, encouraging open-minded communication because we know diverse thinking yields better outcomes. But critical to our success is Caring to Challenge and Taking Ownership, fueling a competitive spirit in a respectful environment where we think about tomorrow but act today. At our foundation, we have integrity, Doing the Right Thing, even when it’s hard. It’s our shared commitment to these values that makes Cars Commerce a place where growth becomes not only possible, but downright unavoidable.
But don’t take our word for it. As a U.S. News & World Report Best Company to Work For in 2024, we’re obsessive about the employee experience. We are among the top 20% being declared “Best” of our industry based on six critical factors that are important to employee wellbeing, like quality of pay, benefits, work life balance and more.
About the role:
As a Security Operations Engineer, you will be responsible for ensuring the security of our software development and deployment processes while promoting a culture of security within our organization. You will collaborate closely with development, operations, and security teams to integrate security practices seamlessly throughout the software development lifecycle.
Responsibilities:
- Implement and manage security tools and technologies within the CI/CD pipeline.
- Conduct security assessments, code reviews, and penetration testing to identify and address vulnerabilities.
- Implement security controls and best practices for infrastructure as code (IaC) and cloud environments.
- Automate security testing and compliance checks using scripting and configuration management tools.
- Monitor and analyze security events and incidents, responding promptly to mitigate threats.
- Provide guidance and support to development and operations teams on secure coding practices and infrastructure configurations.
- Stay up-to-date with the latest security trends, vulnerabilities, and industry best practices.
- Collaborate with cross-functional teams to prioritize security initiatives and drive continuous improvement.
- Upon detection of a security incident, support a thorough investigation to assess the scope and impact of the incident.
- Analyze logs, network traffic, and system configurations to identify the root cause of the incident and determine the extent of any compromise.
- Collaborate with development, operations, and security teams to gather relevant information and context for incident analysis.
- Implement mitigation strategies to contain and remediate the security incident promptly.
- Utilize automation tools and scripts to facilitate rapid response and recovery efforts.
- Coordinate with relevant stakeholders to deploy patches, updates, or configuration changes to address vulnerabilities and prevent further exploitation.
Qualifications:
- Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience).
- 3+ years experience in SecOps cloud roles
- Proven experience in DevOps or software development roles, with a focus on security.
- Understanding of DevOps principles and methodologies.
- Hands-on experience with AWS cloud platforms and containerization technologies (e.g., Docker, Kubernetes).
- Proficiency in scripting languages such as Python, PowerShell, or Bash.
- Experience with security tools such as vulnerability scanners, intrusion detection systems (IDS), and security information and event management (SIEM) solutions.
- Familiarity with compliance standards such as PCI DSS, HIPAA, and GDPR.
- Excellent communication and collaboration skills, with the ability to work effectively in a team environment.
Preferred Qualifications:
- Security certifications such as CISSP, CEH, or AWS Certified Security Specialty.
- Experience with infrastructure as code tools (e.g., Terraform, Ansible, Chef).
- Knowledge of secure software development frameworks (e.g., OWASP).
- Experience with DevSecOps tools and practices (e.g., DevSecOps automation, shift-left security).
#LI-REMOTE #LI-NP1
In the spirit of pay transparency, we are excited to share the base salary range for this position which is not inclusive of bonuses, benefits or other forms of compensation that the position may be eligible for. If you are hired at Cars Commerce, your final base salary compensation will be determined based on factors such as skills and/or experience. If the salary range is close to what you’re seeking, then we encourage you to apply and learn more about the total compensation package for this position.
Salary Range
$115,300 – $144,100 USD
Our Comprehensive Benefits Package includes:
- Medical, Dental & Vision Healthcare Plans
- 401(k) with Company Match + Immediate Vesting
- New Hire Stipend for Home Office Set-Up
- Employee Stock Purchase Program
- Generous PTO
- Refuel – a service based recognition program where employees receive additional paid time away to learn grow and reset
- Paid Holidays, Floating Holiday, Volunteer Day, Recharge Day
- Learn more about our Benefits, Perks, & Culture on our LinkedIn Life Pages!
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. California Applicants: Click here to review our California Privacy Policy for Applicants. For current employees, please click here to review our California Privacy Policy for Employees.