Sr. Security Engineer - Cloud Security

US - MA - Boston


US - MA - Boston, US - CA - Los Angeles, US - Remote, US - TX - Austin, Northern Ireland - Belfast, US - VA - Arlington


Information Security

Senior Security Engineer - Cloud Security

At Rapid7, we believe in simplifying the complex through shared visibility, analytics, and automation that unite teams around challenges and successes of cybersecurity. We're looking for a Senior Cloud Security Engineer to join our Security Engineering team, who empower our employees to design, build, and use applications and infrastructure securely at scale so our company and customer data are protected from compromise. This role will partner closely with our Platform Delivery (DevOps), Software Engineering, and IT teams to provide secure-by-default infrastructure by using a “paved road” approach.

What you'll do

  • Develop secure-by-design cloud infrastructure configurations/policies to prevent new cloud security issues (using Terraform, IAM policies, and cloud resources policies, such as AWS Service Control Policies)

  • Build automated alerting and remediation workflows for cloud security issues (using DivvyCloud, Slack, and AWS resources like API Gateway, Lambda, S3, DynamoDB)

  • Mentor team members around security, engineering, and collaboration best practices

  • Collaboratively develop & implement solutions that empower teams to deliver secure infrastructure at scale

  • Build positive relationships with partner teams to continuously improve our strategies for protecting our customers and company

  • Communicate complex topics in ways everyone can understand, from technical team contributors to non-technical C-level executives

  • Positively influence the culture of security at Rapid7

What you'll bring

  • Experience securing cloud infrastructure, especially AWS resources (like EC2, EKS, S3, Lambda, RDS, SQS, SNS, etc.) running web applications and APIs

  • Experience with cloud security services such Amazon GuardDuty, AWS Security Hub, AWS Config, Azure Sentinel, or Google Security Command Center

  • Experience with SOAR tooling, especially InsightConnect, Phantom, and/or Demisto

  • Experience in software development, especially by using web APIs and languages like Python, Go, Java, and/or JavaScript

  • Experience with DevOps tooling, especially Terraform, Chef, and/or Puppet

  • Solid time management & prioritization skills with a strong ability to plan, prioritize, and execute projects in coordination with other teams

  • Proficiency communicating to technical & non-technical audiences with a positive, collaborative, and enablement-focused attitude

  • Insatiable curiosity & desire to challenge conventional approaches to solving problems


  • Experience with GCP or Azure

  • Experience with securing Docker, Kubernetes, or other containerization technologies

  • Preferred locations: Boston, MA; Belfast, UK; Austin, TX; Los Angeles, CA; San Francisco, CA; Arlington, VA