Senior Security Engineer - AppSec (New York) at Rapid7 (Remote)

| Remote
Sorry, this job was removed at 5:06 a.m. (CST) on Monday, December 13, 2021
Find out who’s hiring remotely
See all Remote jobs
Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

At Rapid7, we’re on a mission to close the security achievement gap for our customers by simplifying the complex through shared visibility, analytics, and automation that unite teams around challenges and successes of cybersecurity. Our products and services empower over 9,100 customers across over 120 countries to seamlessly build security into the heart of their organizations. 

Our internal Information Security team plays a crucial role in supporting our mission: we focus on removing barriers to great security by partnering with other teams to reduce risk so we can sustainably deliver on our mission to our customers. On top of that, we get to “eat our own dogfood” as Rapid7’s Customer Zero: we use all of our products to advance our security program, and we provide valuable feedback about how to improve our products for our benefit and our customers’ benefit.

We’re looking for a Senior Security Engineer to help advance our Application Security program, which is focused on empowering our employees to deliver secure applications at scale so our company and customer data/systems are protected from compromise. Our Application Security team partners closely with our Platform Delivery (DevOps), Software Engineering, Product Management, and IT teams to provide security guard rails that seamlessly integrate with our SDLC in ways that make it easier for engineers to deliver secure applications and reduce risk to our customers and company. 

Your profile

Are you looking for a new opportunity to channel your application security expertise into scaling security guard rails that make it easy for developers to deliver secure applications? Do you want to build and implement tools to create a seamless secure SDLC? Do you eagerly seek out and embrace feedback from perspectives different from your own? 

If you’ve been answering “yes” to these questions, then you might be the person we’re looking for! Keep reading below to learn more about this unique opportunity to drive impact on a security team at a security company. 

What you’ll do

  • Implement and tune application security tools with developer user experience in mind, such as SCA, SAST, DAST, RASP, WAF

  • Automate and integrate security processes and controls throughout our entire SDLC, from IDEs to source control systems to CI/CD pipelines to production deployments

  • Define hardening and secure design standards and use them to perform application security reviews in partnership with developer teams

  • Build positive relationships with partner teams in IT, DevOps, Software Engineering, and Product Management to continuously improve our application security strategies and priorities for protecting our customers and company

  • Help create metrics to demonstrate the effectiveness of our application security program and inform continuous program improvements

  • Provide feedback and recommendations to product teams on ways to improve Rapid7’s products and partner ecosystem

  • Report and communicate security issues and topics to technical and non-technical audiences, ranging from individual contributors to C-suite executives

What you’ll bring

  • Knowledge of secure web application architecture patterns and common vulnerabilities (OWASP Top 10)

  • Experience implementing application security tools (SCA, SAST, RASP, WAF, DAST)

  • Experience developing software using Java, JavaScript, Go, and/or Python

  • Experience implementing microservice-based web applications with modern cloud infrastructure services, especially AWS

  • Experience using container and container orchestration technology (Docker, Kubernetes)

  • Experience with CI/CD tools (Jenkins, Spinnaker)

  • Excellent time management and prioritization skills with a strong ability to plan, prioritize, and execute projects independently or in coordination with other teams

  • Excellent ability to communicate to technical and non-technical audiences with a positive, collaborative, and enablement-focused attitude

  • Insatiable curiosity and desire to challenge conventional approaches to solving problems

Pluses

  • Experience with DevOps tooling, such as Terraform, Chef, or Puppet

  • Experience with securing Docker, Kubernetes, or other containerization technologies

  • Experience with threat modeling using frameworks such as STRIDE and tools such as ThreatDragon, pytm, ThreatSpec, Threagile, etc.

Equal Opportunity Employer 

Here at Rapid7, we fundamentally believe that every person deserves an equal opportunity to build an exceptional career! We embrace our similarities, celebrate our differences and strongly believe that EVERYONE has the right to be treated with respect and dignity. We have a ZERO tolerance policy for discrimination based on race, ethnicity, religion, gender, sexual orientation, gender identity, national origin, disability, veteran status, marital status, or any other status protected under federal, state, or local law. More importantly though, we just fundamentally believe it’s the right way to build a business and healthy community. We pride ourselves on our unique culture and our commitment to diversity, equity, and inclusion--it is the stitch that holds the fabric of our culture together!

Read Full Job Description
Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Technology we use

  • Engineering
  • Product
  • Sales & Marketing
    • GolangLanguages
    • JavaLanguages
    • JavascriptLanguages
    • PythonLanguages
    • RLanguages
    • RubyLanguages
    • ScalaLanguages
    • SqlLanguages
    • jQueryLibraries
    • ReactLibraries
    • ReduxLibraries
    • DjangoFrameworks
    • ExpressFrameworks
    • FlaskFrameworks
    • HadoopFrameworks
    • Node.jsFrameworks
    • Ruby on RailsFrameworks
    • SparkFrameworks
    • SpringFrameworks
    • TensorFlowFrameworks
    • CassandraDatabases
    • MongoDBDatabases
    • MySQLDatabases
    • PostgreSQLDatabases
    • RedisDatabases
    • Google AnalyticsAnalytics
    • OptimizelyAnalytics
    • IllustratorDesign
    • InVisionDesign
    • PhotoshopDesign
    • SketchDesign
    • AsanaManagement
    • ConfluenceManagement
    • JIRAManagement
    • WordpressCMS
    • SalesforceCRM

Location

Rapid7 is conveniently located in downtown Austin, with plenty of restaurants, bars, and public transport close by.

An Insider's view of Rapid7

What’s the vibe like in the office?

The vibe of the Rapid7 Austin office is a perfect mix of energizing and inviting. Our vibrant office design, diverse team makeup & monthly events keep the space buzzing! There is definitely a more laidback attitude here in Austin and I feel our office perfectly embodies that while still being a space where we can come to get amazing work done.

Cass

Customer Success Representative

What projects are you most excited about?

I am most excited about our recent investments to elevate engagement with the Partner ecosystem. We’ve doubled down on our commitment to the channel and are working on several initiatives to ensure our partners are able to deliver maximum value to their customers with Rapid7 technology.

Billy

Sr. Manager, Domain Engineers

What are some things you learned at the company?

It’s not just the customer who benefits from the culture of compassion. Internally, Rapid7 employees look out for each other and work together to solve problems. Oftentimes, this ends up helping all parties.

Becky

Senior Manager, Customer Success Management

What are Rapid7 Perks + Benefits

Culture
Volunteer in local community
Partners with Nonprofits
Friends outside of work
Eat lunch together
Intracompany committees
Open door policy
Team owned deliverables
Team based strategic planning
Group brainstorming sessions
Open office floor plan
Diversity
Dedicated Diversity/Inclusion Staff
Highly diverse management team
Rapid7 is led by a diverse management team that represent the security community we serve. We believe that we all have a responsibility to continuously improve our DE&I efforts.
Unconscious bias training
We believe in continuous learning, our in-house trainers conduct consistent diversity trainings. We advocate for diverse thinking and strive to cultivate a workforce that mirrors the best minds.
Diversity Employee Resource Groups
We have so many amazing and organically created employee resource groups! These internal Rapid7 communities allow for an authentic experience where diverse employees and allies can come together.
Hiring Practices that Promote Diversity
We've taken the Parity Pledge, we reinforce strategic recruitment, we are committed to diversity partnerships, and we understand the importance in training around unconscious bias.
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Dental Benefits
Vision Benefits
Health Insurance Benefits
Life Insurance
Wellness Programs
Mental Health Benefits
Retirement & Stock Options Benefits
401(K)
401(K) Matching
Employee Stock Purchase Plan
Performance Bonus
Child Care & Parental Leave Benefits
Generous Parental Leave
Flexible Work Schedule
Remote Work Program
Our remote work program includes full-time remote for specific positions, Work remotely on occasion as needed.
Family Medical Leave
Vacation & Time Off Benefits
Unlimited Vacation Policy
Paid Volunteer Time
Our employees receive unlimited hours per year of paid volunteer time.
Paid Holidays
Paid Sick Days
Employees receive unlimited hours per year of paid sick leave.
Perks & Discounts
Casual Dress
Commuter Benefits
Company Outings
Game Room
Stocked Kitchen
Some Meals Provided
Employees get free lunch during quarterly in-office Town Halls and some team meetings.
Happy Hours
Parking
Fitness Subsidies
Home Office Stipend for Remote Employees
Professional Development Benefits
Job Training & Conferences
Diversity Program
Lunch and learns
Promote from within
Continuing Education stipend
Variable.
Time allotted for learning
Online course subscriptions available
Paid industry certifications

More Jobs at Rapid7

Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Save jobView Rapid7's full profileSee more Rapid7 jobs