Senior DevOps Engineer

US - VA - Arlington

Location(s)

US - VA - Arlington, US - Remote

Team(s)

Product & Engineering, Security Services


Senior DevOp Engineer

Rapid7 is looking for security practitioners with engineering chops (or engineers with security chops) to support Rapid7's 24x7 Managed Services and Incident Response (IR) teams. We are looking for people who thrive off delivering practical solutions for the problems of today, iterating on existing solutions, and proactively prototyping to head off the security problems of tomorrow. This team is a true force multiplier for front-line security practitioners, unveiling new capabilities and automating any repetitive actions to dramatically enhance their quality of life and optimize their actions. Success in this role will require exceptional communication skills and an unwavering sense of self-accountability. 

Responsibilities:

  • Alignment: Take the initiative to make analytical actions easier and less taxing. This requires understanding and predicting what analysts need, and a drive to ensure they don't have to combat their tech stack.

  • If given a 10 Gb CSV of log data, can you make that data do something useful other than make analysts cry uncontrollably or blow up an analyst's laptop?

  • Can you interrogate APIs to enrich important data points, decode and transform obfuscated PowerShell, and present matches against rule logic to the analyst?

  • Can you scalably tie together all these pieces in a system supporting forensic jobs and data transformation?

Velocity: There is a natural tension between getting it done fast and getting it done right. We expect our engineers to find the right balance between these two competing priorities.

  • Can you work in an environment where each member of your team deploys a solution end-to-end, multiple times per week?

  • Can you be fluid enough to concurrently handle ops responsibilities in an environment where the delivery of a solution doesn't stop at deployment (think SRE/DevOps)?

Accountability: Continuous progress, "picking up a shovel," and maintaining a solid relationship with practitioners via the quality and integrity of your work. Your products speak to your acumen as a technical professional — we don't do guesswork. With creative freedom comes trust, and that means accountability. 

  • Do you possess the drive to independently run down problems?

  • When made aware of a needed feature or issue, can you comfortably manage the research, scoping, implementation, deployment, and then monitoring of said resolution? 

Requirements:

Must be familiar with or motivated to learn how to deploy software (Python, Golang, javascript) and frameworks (Django, Flask, Angular, React) as services on cloud infrastructure (AWS ECS, EC2, SQS, Lambda, Batch, etc) that is...

...Aligned to the SOC's needs

  • Data Analysis: Pandas, JQ, PostgreSQL, MongoDB, Elastic, and any AWS corollaries

  • Data Delivery: DBs/Forensic Artifacts/etc <-> JSON, CSVs, Datatables

  • Data Accessibility: API-first, scripts/CLI tools, web apps, controlled cloud access (AWS)

  • Data Relevance: what data the SOC needs, why they want it, and how they need it

...Deployed at a high cadence (DevOps):

  • CI/CD: Github -> Jenkins (Chef, Saltstack, Ansible, Puppet experience also works)

  • IAC: Terraform (Cloudformation, etc also works)

  • Local scripts made available and maintained for immediate use

...Tested Practically: 

  • programmatic: unit tests, integration tests, linting, etc

  • functional: locally via docker, in test environments, and via monitoring in prod

  • live: Log monitoring, alarms (datadog, etc), & rotating on-call. Think SRE

Rapid7 (NASDAQ: RPD) helps organizations across the globe protect what matters most so innovation can thrive in an increasingly connected world. Our comprehensive technology, services, and community-focused research simplify the complex for security teams, helping them reduce vulnerabilities, monitor for malicious behavior, be in 10 places at once, and shut down attacks. We're on a mission to make security solutions easier to use and access so we can bring safety and resilience to more people.
With more than 10,000 customers across 140+ countries, Rapid7 is a leader in cybersecurity that has earned numerous industry accolades and recognition for our technology and culture.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.