Manager, Security Governance, Risk, and Compliance at CarGurus

This role is designed for a technical GRC leader with at least 7 years of experience who wants to move beyond "check-the-box" compliance. The ideal candidate has deep experience in high-growth tech environments and is comfortable transitioning traditional risk programs into data-driven, quantitative models. You should have a strong grasp of AWS and cloud data platforms, as you will be the bridge between technical engineering teams and executive leadership. The position offers a competitive salary of $144k–$180k, plus RSUs and discretionary bonuses. You'll join a "people-first" hybrid culture in Boston that prioritizes work-life balance and high-end perks like daily free lunch and car discounts. A major highlight is the opportunity to lead AI Governance, shaping how the company adopts LLMs and emerging technologies under ISO 42001. **You might be a good fit if you:** * Have successfully managed ISO 27001 and SOC 2 audits in cloud-native environments. * Are comfortable using the FAIR framework or CRQM platforms to communicate risk in financial terms. * Can navigate complex privacy regulations like GDPR and CPRA. * Enjoy mentoring a team and acting as a business enabler rather than a "roadblock."