RainFocus Logo

RainFocus

Cybersecurity Engineer (Remote)

Posted Yesterday
Be an Early Applicant
In-Office or Remote
Hiring Remotely in Lehi, UT
Mid level
In-Office or Remote
Hiring Remotely in Lehi, UT
Mid level
Mid-level Security Engineer owning vulnerability and application security programs: scanning, replication and remediation; managing bug-bounty triage; participating in secure design and threat modeling; triaging incidents; maintaining endpoint and security tooling; collaborating with DevOps and engineering to secure AWS-hosted applications and run security awareness programs.
The summary above was generated by AI
RainFocus, one of the most innovative software companies, is in search of an exceptional Cybersecurity Engineer
 
About RainFocus
 
RainFocus cares about its employees, customers, and the world in which we live. Our rapidly growing team serves Fortune 500 companies like Adobe, Cisco, IBM, Oracle, VMware, and others to prepare and execute in-person, virtual, and hybrid events across the world. Those events are delivered through our industry-disrupting software platform, with groundbreaking business intelligence, to elevate the attendee experience, streamline event operations, and accelerate marketing results. We are well-funded, growing fast, and building a company that is changing the market — it will be challenging, fun, and exciting.
 
About the Role

As a Security Engineer, you will play a critical role in safeguarding our organization's digital assets, infrastructure, and application ecosystem. This is a mid-level, autonomous role (not entry-level) where you will bridge the gap between IT operations, software development, and risk management.

You won't just be reviewing logs, settings, and configs; you will be actively replicating vulnerabilities, collaborating with developers on secure architecture, managing our bug bounty program, and keeping our security tool stack running smoothly.

Core Responsibilities

  • Vulnerability & Application Security Management: Own the vulnerability management program end-to-end: oversee continuous vulnerability scanning (Tenable) and software composition analysis/code dependencies (Sonarqube), drive remediation across teams, and replicate and validate discovered vulnerabilities using tools like Burp Suite and Kali Linux.

  • Crowdsourced Security & Threat Intel: Manage and triage our crowdsourced bug bounty program (BugCrowd) and monitor our external security posture rating (Bitsight).

  • Secure Development Collaboration: Act as the security voice in developer architecture meetings. Partner with engineering teams to review code dependencies, threat-model new features, and ensure secure coding practices.

  • Risk & Change Management: Own and conduct system impact analyses for proposed changes, represent security on the Change Control Board (CCB), and lead threat modeling sessions for new systems, features, and infrastructure changes.

  • Incident Management & Operations: Triage and document security incidents within OneTrust and Jira. Collaborate with DevOps to ensure security tools are properly deployed across AWS environments and endpoint configurations.

  • Endpoint & Tool Oversight: Maintain a "read-only/audit" oversight of our endpoint detection, MDM, and email security tools (Sophos, JAMF, BetterCloud) to ensure compliance and active alerting.

  • Security Awareness & Culture: Administer the security awareness learning modules (RF Academy) and lead internal initiatives to keep security top-of-mind for all employees.

Required Skills & Qualifications

  • Citizenship: All candidates must be a US citizen.

  • Experience: 3–5 years of dedicated experience in a technical cybersecurity role (e.g., Security Engineer, AppSec Engineer, or Senior Security Analyst, etc.).

  • Application Security: Strong familiarity with the OWASP Top 10, web application security testing, and reviewing secure code dependencies (SCA).

  • Vulnerability Assessment: Proven experience running enterprise vulnerability scanners, interpreting results, and driving remediation across cross-functional teams.

  • Cloud & Infrastructure: Foundational knowledge of cloud environments (specifically AWS) and securing cloud-native applications.

  • Communication: Excellent collaboration skills. You must be able to sit down with software developers, understand their sprint goals, and help them fix security bugs without breaking their workflow.

Preferred Experience & Tool Stack

    Direct experience with our specific stack is a massive plus:

  • AppSec/PenTesting: Burp Suite, Kali Linux, BugCrowd, Sonarqube

  • SecOps & Vulnerability: Tenable, Bitsight, OneTrust

  • IT & Endpoint Ecosystem: Jira, AWS, Sophos, JAMF, PDQ, BetterCloud

  • Certifications: CompTIA Security+, CEH, GIAC, or progress toward a CISSP, or other relevant certifications

  • Automation: Basic scripting skills (Python, PowerShell, or Bash) to automate repetitive security tasks or log analysis.

  • Security Frameworks: Experience with maintaining compliance with PCI-DSS, ISO 27001, and SOC 2 frameworks.

  • Artificial Intelligence: Experience utilizing AI to improve productivity and efficiency, as well as experience reviewing AI tools, integrations, and features.

Success Measures

  • Proactive Remediation: Decreased time-to-remediation for vulnerabilities identified by Tenable and BugCrowd.

  • Seamless Dev Integration: Active, constructive participation in developer sprint/architecture cycles, resulting in fewer security defects reaching production.

  • Incident Readiness: Efficient tracking, documentation, and resolution of incidents within OneTrust

Success Measures

  • Reduced number of security incidents and vulnerabilities.
  • Timely and effective incident response and resolution.
  • Successful implementation and adherence to security policies and procedures.
  • Positive feedback from internal teams on security awareness and training programs.
  • Successful completion of security audits and compliance assessments.

Why work at RainFocus?
 
At RainFocus we delight millions of attendees at large-scale events by delivering better insights, experiences, and marketing. We were able to pivot our product and services offering in 2020 to continue growing and serving new clients and events.
 
As a member of the RainFocus team, you will have the opportunity to experience first-hand the impact of our platform at events around the world. Additionally, RainFocus offers competitive salaries, competitive benefits, 401k, generous PTO, and countless other team building activities. 
 
What are you waiting for? Apply today! We need more talented, hard-working, fun-loving team members just like yourself!

Similar Jobs

An Hour Ago
Remote or Hybrid
USA
134K-250K Annually
Senior level
134K-250K Annually
Senior level
Machine Learning • Payments • Security • Software • Financial Services
Senior digital product manager for retail lending who defines digital strategy, designs and prioritizes digital experiences, builds business cases, manages development and launches, partners with stakeholders (Technology, Marketing, MIS, LOB), coaches product teams, and supports risk, compliance, and audit needs.
Top Skills: Agile Web DevelopmentBusiness Requirements DocumentationData VisualizationIt ArchitectureJavaScriptWireframing
An Hour Ago
Remote or Hybrid
USA
100K-223K Annually
Senior level
100K-223K Annually
Senior level
Machine Learning • Payments • Security • Software • Financial Services
Lead and develop a team of automation engineers, own test automation backlog and frameworks, drive UI/API/performance testing, integrate AI-driven testing practices, collaborate cross-functionally, hire and mentor staff, and contribute hands-on to automation and CI/CD improvements.
Top Skills: Agentic AiApache JmeterAWSAzureBitbucketCi/CdContainerizationCypressGCPGenerative AiGithub ActionsJavaScriptJenkinsMonitoringObservabilityPlaywrightPostmanPrompt EngineeringPythonRest ApisSeleniumTypescript
2 Hours Ago
Remote
USA
150K-224K Annually
Senior level
150K-224K Annually
Senior level
Fintech • Information Technology • Payments • Sharing Economy • Financial Services • Cryptocurrency
Senior security engineer responsible for developing automation and tooling, building and deploying security solutions, conducting incident response and proactive threat hunting, supporting investigations through data analysis, and advising development teams. Must document solutions, participate in agile teams, mentor juniors, and continuously research evolving security threats.
Top Skills: AWSAws CodedeployAzureBashCircleCICloud IamContainer OrchestrationGithub ActionsGitlab PipelinesGoJavaLog ManagementPythonTravisci

What you need to know about the Boston Tech Scene

Boston is a powerhouse for technology innovation thanks to world-class research universities like MIT and Harvard and a robust pipeline of venture capital investment. Host to the first telephone call and one of the first general-purpose computers ever put into use, Boston is now a hub for biotechnology, robotics and artificial intelligence — though it’s also home to several B2B software giants. So it’s no surprise that the city consistently ranks among the greatest startup ecosystems in the world.

Key Facts About Boston Tech

  • Number of Tech Workers: 269,000; 9.4% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Thermo Fisher Scientific, Toast, Klaviyo, HubSpot, DraftKings
  • Key Industries: Artificial intelligence, biotechnology, robotics, software, aerospace
  • Funding Landscape: $15.7 billion in venture capital funding in 2024 (Pitchbook)
  • Notable Investors: Summit Partners, Volition Capital, Bain Capital Ventures, MassVentures, Highland Capital Partners
  • Research Centers and Universities: MIT, Harvard University, Boston College, Tufts University, Boston University, Northeastern University, Smithsonian Astrophysical Observatory, National Bureau of Economic Research, Broad Institute, Lowell Center for Space Science & Technology, National Emerging Infectious Diseases Laboratories

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account