Rapid7's tCell product is the next-generation Cloud-based Web Application Firewall (WAF) and Realtime Application Self-Protection (RASP) which provides runtime security for web applications by gathering application security data via in-app instrumentation, and enforcing adaptive policies to stop a broad spectrum of attack types including zero-days. The solution is driven by large scale data collection of application behavior that is analyzed for threats and anomalies. Security teams are then able to quickly respond to incidents, as well as continuously improve their security posture by applying protective policies that prevent applications compromise.
Job Overview: Rapid7's tCell backend consists of several distributed data services that power the application protection solution. This includes a data platform, and sophisticated data analysis to detect malicious attackers.. Our UI is a rich reactive UI with various data visualizations to provide visibility into the security of applications under protection. Our agent technology has in-depth application instrumentation and attack detection capabilities to provide “sensors” to monitor and controls to protect against attacks.
In this position, you'll join the team to work on our advanced solution to monitoring and protecting applications against attacks.
Design and implement functionality for various security features across various parts of the product stack
Work with team to ensure good quality via implementing automated tests, building test utilities, and analyzing test results
Work on monitoring and observability aspects of the product, to ensure high uptime, and user satisfaction
Respond to system incidents, for rapid root cause analysis, and remediation
Work with others to improve CI/CD pipeline for better developer productivity, and deployment reliability
Implement infrastructure for improved automation in cloud environments
Collaborate with other team members on bringing innovative solutions that solve our customer's most challenging problems.
Experience and/or Interest in Application Security
A passion for innovative and clean solutions to challenging problems at scale
6+ months of experience with a track-record of success in tackling hard problems
Excellent coding abilities in Java, Python, and bash
Experience with functional programming languages such as scala and clojure, a plus
Experience in using Datadog or other Operations and Monitoring and Alerting system a plus
Prior experience with monitoring, or setup of various database systems, such as RDS, PostgreSQL, Cassandra, Druid, Elastic, Kafka, or similar systems a plus
Experience with CI/CD systems, including jenkins, github actions, and spinnaker, a plus
Excellent understanding of containers and orchestration, in particular docker and kubernetes, a plus
Ability to work in either Linux and Windows environments, ability to work in both, a plus
A knack for taking high level requirements, and having excellent technical judgement to deliver high quality functionality under tight schedules
Bachelor's degree (or higher) in Computer Science, or equivalent experience. (Masters a plus)