Senior DevOps Engineer

About the role

At CarGurus (NASDAQ: CARG), our mission is to give people the power to reach their destination. We started as a small team of developers determined to bring trust and transparency to car shopping. Since then, our history of innovation and go-to-market acceleration has driven industry-leading growth. In fact, we're the largest and fastest-growing automotive marketplace, and we've been profitable for over 15 years. What we do The market is evolving, and we are too, moving the entire automotive journey online and guiding our customers through every step. That includes everything from the sale of an old car to the financing, purchase, and delivery of a new one. Today, tens of millions of consumers visit CarGurus.com each month, and ~30,000 dealerships use our products. But they're not the only ones who love CarGurus-our employees do, too. We have a people-first culture that fosters kindness, collaboration, and innovation, and empowers our Gurus with tools to fuel their career growth. Disrupting a trillion-dollar industry requires fresh and diverse perspectives. Come join us for the ride! Role overview CarGurus is seeking a Senior DevOps Engineer to join our Cloud Enablement team. This team builds and operates the cloud platform capabilities, automation, and guardrails that help engineering teams provision infrastructure, deploy services, and work securely in the cloud with less friction. In this role, you will contribute to the design, implementation, and operation of scalable platform services that improve developer experience, strengthen reliability, and support self-service infrastructure across the company. We are looking for an engineer who is hands-on, execution-oriented, and motivated by building practical solutions that other engineers rely on every day. Our primary domains include: Infrastructure Delivery: HCP Terraform workspaces, Terraform module registry governance, Sentinel and Semgrep policy enforcement, and self-service IaC paved paths for development teams. Secrets Management: HashiCorp Vault implementation, dynamic short-lived credentials, PKI/CA, and supporting the rollout of zero-static-credential patterns across production workloads. CI/CD Platform: GitHub Actions maturity (GHES, GitHub Connect, org-scoped runners), Concourse infrastructure, and pipeline supply-chain security. AWS Self-Service: No-code and IaC-driven provisioning for S3, Lambda, ElastiCache, and expanding the self-service catalog to new resource types. AI Infrastructure Governance: Governed Amazon Bedrock access, per-team token quotas and cost dashboards, Bedrock Savings Plan management, and developer AI tooling (Claude Code, GitHub Copilot) governance. Platform Integrity: Sentinel/Semgrep policy maturity, shift-left guardrails, pipeline hardening, and cloud maturity model advancement.

Responsibilities

• IaC Platform & Policy Engineering: Manage HCP Terraform workspaces, the Terraform module registry, and Sentinel/Semgrep policy implementations. Calibrate hard vs. advisory guardrails, eliminate false positives, and expand coverage as new resource types onboard to self-service.
• Secrets & Security Integration: Accelerate Vault adoption across CarGurus workloads - handling dynamic secrets, PKI/CA, transit encryption, and AWS dynamic IAM credentials. Execute the tactical roadmaps toward zero standing long-lived credentials in production.
• AI Infrastructure Governance: Maintain and operate our governed Amazon Bedrock platform, implementing per-team access controls, cost attribution, anomaly detection, and self-service access patterns. Assist in extending governance to developer AI tooling (Claude Code, Copilot) as adoption scales.
• Developer Enablement & Self-Service: Expand the AWS self-service catalog and paved-path IaC offerings so teams can provision, operate, and own cloud resources independently. Monitor adoption metrics and use feedback to prioritize the next platform investments.
• Mentorship & Code Quality: Actively grow teammates' capabilities through thorough code and IaC reviews, pairing on complex problems, and sharing context and patterns that help the immediate team move more independently. Contribute to team coding standards and documentation.
• Cross-Team Collaboration: Partner with adjacent teams (Cloud In

Benefits

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at cargurus? Share your experience