Integrate security controls and practices into Rubrik’s secure SDLC and collaborate with Engineering to embed security into every phase of the development process.
Perform security assessments of applications, identifying vulnerabilities and weaknesses through both automated and manual testing techniques.
Carry out detailed analysis of identified vulnerabilities to ensure high fidelity findings are provided to Engineering teams.
Assist in identifying and implementing frictionless "shift-left" strategies to seamlessly and proactively prevent vulnerabilities earlier in the SDLC.
Aid in the collection, management and reporting of key Application Security metrics to track progress and identify trends.
Analyze and harden existing applications, automation, and deployment processes
Participate in security design reviews and threat modeling of proposed products and feature releases
Work with development teams, operations, governance, and other stakeholders to document security guidance, processes and standards for Rubrik products and services

Requirements

Bachelor’s degree required; BS or MS in Computer Science, Information Technology, or a related field
5+ years’ experience in Application Security, with experience across SDLC activities such as threat modeling, secure code review, vulnerability management, and penetration testing
Knowledge of regulatory guidelines and standards such as FedRAMP, SOC2, ISO 27001 etc.
Broad knowledge of web, application, and cloud attack vectors and exploits
Comprehension in multiple programming languages (Python, Go, Scala, C/C++, Javascript/Typescript)
Working experience with CI/CD pipeline, containerization (Kubernetes, Docker, etc) and MicroServices
Working knowledge of at least one major public cloud provider (AWS, GCP, Azure)
Understanding of application security maturity model frameworks and how to apply them
Foundational knowledge of deploying and securing SaaS applications and cloud environments
Team player, ability to establish priorities, deal with conflicts, work independently, proceed with objectives and can-do attitude
A self-starter with excellent critical thinking and problem solving skills
Strong written and verbal communication skills.

Benefits

The role is eligible for bonus potential
Equity
Benefits

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

Application Securitythreat modelingsecure code reviewvulnerability managementpenetration testingprogramming languagesCI/CD pipelinecontainerizationMicroServicesSaaS applications

Soft Skills

team playercritical thinkingproblem solvingstrong communication skillsability to establish prioritiesconflict resolutionindependencecan-do attitude

Certifications

Bachelor’s degreeBS in Computer ScienceMS in Computer ScienceInformation TechnologyISO 27001SOC2FedRAMP