Jobs//Hybrid//Cybersecurity + IT//

Senior Security Engineer - Application Security at Rapid7 (Greater Boston Area, MA)

Rapid7
| Greater Boston Area | Hybrid
Sorry, this job was removed at 8:46 a.m. (EST) on Tuesday, November 30, 2021
View 167 Jobs
Find out who's hiring in Greater Boston Area.
See all Cybersecurity + IT jobs in Greater Boston Area
View 167 Jobs
Apply
By clicking Apply Now you agree to share your profile information with the hiring company.

Senior Security Engineer - Application Security

At Rapid7, we’re on a mission to close the security achievement gap for our customers by simplifying the complex through shared visibility, analytics, and automation that unite teams around challenges and successes of cybersecurity. Our products and services empower over 9,100 customers across over 120 countries to seamlessly build security into the heart of their organizations. 

Our internal Information Security team plays a crucial role in supporting our mission: we focus on removing barriers to great security by partnering with other teams to reduce risk so we can sustainably deliver on our mission to our customers. On top of that, we get to “eat our own dogfood” as Rapid7’s Customer Zero: we use all of our products to advance our security program, and we provide valuable feedback about how to improve our products for our benefit and our customers’ benefit.

We’re looking for a Senior Security Engineer to help advance our Application Security program, which is focused on empowering our employees to deliver secure applications at scale so our company and customer data/systems are protected from compromise. Our Application Security team partners closely with our Platform Delivery (DevOps), Software Engineering, Product Management, and IT teams to provide security guard rails that seamlessly integrate with our SDLC in ways that make it easier for engineers to deliver secure applications and reduce risk to our customers and company. 

Your profile

Are you looking for a new opportunity to channel your application security expertise into scaling security guard rails that make it easy for developers to deliver secure applications? Do you want to build and implement tools to create a seamless secure SDLC? Do you eagerly seek out and embrace feedback from perspectives different from your own? 

If you’ve been answering “yes” to these questions, then you might be the person we’re looking for! Keep reading below to learn more about this unique opportunity to drive impact on a security team at a security company. 

What you’ll do

  • Implement and tune application security tools with developer user experience in mind, such as SCA, SAST, DAST, RASP, WAF

  • Automate and integrate security processes and controls throughout our entire SDLC, from IDEs to source control systems to CI/CD pipelines to production deployments

  • Define hardening and secure design standards and use them to perform application security reviews in partnership with developer teams

  • Build positive relationships with partner teams in IT, DevOps, Software Engineering, and Product Management to continuously improve our application security strategies and priorities for protecting our customers and company

  • Help create metrics to demonstrate the effectiveness of our application security program and inform continuous program improvements

  • Provide feedback and recommendations to product teams on ways to improve Rapid7’s products and partner ecosystem

  • Report and communicate security issues and topics to technical and non-technical audiences, ranging from individual contributors to C-suite executives

What you’ll bring

  • Knowledge of secure web application architecture patterns and common vulnerabilities (OWASP Top 10)

  • Experience implementing application security tools (SCA, SAST, RASP, WAF, DAST)

  • Experience developing software using Java, JavaScript, Go, and/or Python

  • Experience implementing microservice-based web applications with modern cloud infrastructure services, especially AWS

  • Experience using container and container orchestration technology (Docker, Kubernetes)

  • Experience with CI/CD tools (Jenkins, Spinnaker)

  • Excellent time management and prioritization skills with a strong ability to plan, prioritize, and execute projects independently or in coordination with other teams

  • Excellent ability to communicate to technical and non-technical audiences with a positive, collaborative, and enablement-focused attitude

  • Insatiable curiosity and desire to challenge conventional approaches to solving problems

Pluses

  • Experience with DevOps tooling, such as Terraform, Chef, or Puppet

  • Experience with securing Docker, Kubernetes, or other containerization technologies

  • Experience with threat modeling using frameworks such as STRIDE and tools such as ThreatDragon, pytm, ThreatSpec, Threagile, etc.

Equal Opportunity Employer 

Here at Rapid7, we fundamentally believe that every person deserves an equal opportunity to build an exceptional career! We embrace our similarities, celebrate our differences and strongly believe that EVERYONE has the right to be treated with respect and dignity. We have a ZERO tolerance policy for discrimination based on race, ethnicity, religion, gender, sexual orientation, gender identity, national origin, disability, veteran status, marital status, or any other status protected under federal, state, or local law. More importantly though, we just fundamentally believe it’s the right way to build a business and healthy community. We pride ourselves on our unique culture and our commitment to diversity, equity, and inclusion--it is the stitch that holds the fabric of our culture together!

Read Full Job Description
Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.
By clicking Apply Now you agree to share your profile information with the hiring company.

Technology we use

  • Engineering
  • Product
  • Sales & Marketing
    • GolangLanguages
    • JavaLanguages
    • JavascriptLanguages
    • PythonLanguages
    • RLanguages
    • RubyLanguages
    • ScalaLanguages
    • SqlLanguages
    • jQueryLibraries
    • ReactLibraries
    • ReduxLibraries
    • DjangoFrameworks
    • ExpressFrameworks
    • FlaskFrameworks
    • HadoopFrameworks
    • Node.jsFrameworks
    • Ruby on RailsFrameworks
    • SparkFrameworks
    • SpringFrameworks
    • TensorFlowFrameworks
    • CassandraDatabases
    • MongoDBDatabases
    • MySQLDatabases
    • PostgreSQLDatabases
    • RedisDatabases
    • Google AnalyticsAnalytics
    • OptimizelyAnalytics
    • IllustratorDesign
    • InVisionDesign
    • PhotoshopDesign
    • SketchDesign
    • AsanaManagement
    • ConfluenceManagement
    • JIRAManagement
    • WordpressCMS
    • SalesforceCRM

Location

Rapid7 is conveniently located between the North End and West End of Boston, with plenty of restaurants and public transport close by.

An Insider's view of Rapid7

What does your typical day look like?

For the majority of the day it’s a mix of weekly check-ins with various teams, project updates, and the occasional brainstorm.

When I’m not in meetings I’ve got headphones in while planning, writing, or designing — at my desk or perched somewhere around the office.

Grace

Senior Brand Storyteller

How has your career grown since starting at the company?

Ive been on many teams in my time at Rapid7 and they have certainly “grown” from a size perspective, but more importantly, they all evolved with the changing times and needs. Some of the teams I was on were critical for our sales grown in an emerging market and though they no longer exist by name, I can see the tangible impact we made.

Sarah

Manager, Commercial Sales

What are Rapid7 Perks + Benefits

Culture
Volunteer in local community
Once a year, Rapid7 offices across the globe close for the day so employees can volunteer.
Partners with nonprofits
Open door policy
OKR operational model
Team based strategic planning
Open office floor plan
Employee resource groups
Employee-led culture committees
Hybrid work model
President's club
Employee awards
Flexible work schedule
Remote work program
Our remote work program includes full-time remote for specific positions, Work remotely on occasion as needed.
Diversity
Documented equal pay policy
Dedicated diversity and inclusion staff
Highly diverse management team
Rapid7 is led by a diverse management team that represent the security community we serve. We believe that we all have a responsibility to continuously improve our DE&I efforts.
Mandated unconscious bias training
We believe in continuous learning, our in-house trainers conduct consistent diversity trainings. We advocate for diverse thinking and strive to cultivate a workforce that mirrors the best minds.
Diversity employee resource groups
We have so many amazing and organically created employee resource groups! These internal Rapid7 communities allow for an authentic experience where diverse employees and allies can come together.
Hiring practices that promote diversity
We've taken the Parity Pledge, we reinforce strategic recruitment, we are committed to diversity partnerships, and we understand the importance in training around unconscious bias.
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Dental insurance
Vision insurance
Health insurance
Life insurance
Pet insurance
Wellness programs
Mental health benefits
Financial & Retirement
401(K)
401(K) matching
Company equity
Employee stock purchase plan
Performance bonus
Child Care & Parental Leave Benefits
Generous parental leave
Family medical leave
Vacation & Time Off Benefits
Unlimited vacation policy
Generous PTO
Paid volunteer time
Our employees receive unlimited hours per year of paid volunteer time.
Paid holidays
Paid sick days
Employees receive unlimited hours per year of paid sick leave.
Bereavement leave benefits
Company-wide vacation
Office Perks
Commuter benefits
Company-sponsored outings
Free snacks and drinks
Rapid7 has a fully stocked kitchen including unlimited snacks, coffee, tea and all of the flavored sparkling water you can handle.
Some meals provided
Employees get free lunch during quarterly in-office Town Halls and some team meetings.
Company-sponsored happy hours
Onsite office parking
Fitness stipend
Home-office stipend for remote employees
Meditation space
Mother's room
Onsite gym
Professional Development Benefits
Job training & conferences
Lunch and learns
Promote from within
Continuing education stipend
Variable.
Continuing education available during work hours
Online course subscriptions available
Paid industry certifications
View full list of perks + benefits

More Jobs at Rapid7

Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.
By clicking Apply Now you agree to share your profile information with the hiring company.
Learn more about Rapid7Find similar jobs like this