Senior Site Reliability Engineer - FedRAMP

About the team:

The Information Security organization advances the overall state of security at Rubrik through critical initiatives and coordination of large security projects. Information Security builds technologies, tools, and processes to better enable teams at Rubrik to develop secure software and protect data and systems with appropriate security controls. Information Security also develops systems to monitor and respond to attacks against our assets, provides awareness education to teams on security best practices for data protection, and ensures data governance and data sharing relationships with third parties in order to securely protect Rubrik information.

About the role:

Rubrik is seeking creative problem solvers with a passion for cyber security. In this role you will partner with all parts of the business to build security solutions that help secure the brand and protect the organization, company and customer environments. You will be responsible for executing security engineering programs and managing security technologies across the board. The ideal candidate for this role is someone who can build innovative ways to deliver frictionless security capabilities to enhance the security posture of the organization.

What you'll do:

• Deploy and operate security solutions and supporting infrastructure in cloud and datacenter environments in support of internal customer security needs and FedRAMP requirements
• Develop and automate Security tasks that span from Security Operations to Infrastructure as Code in support of InfoSec initiatives
• Manage the availability, capacity and configuration of InfoSec’s mission critical applications and services
• Define, measure and monitor SLAs & SLOs for systems and services with the objective of achieving and exceeding availability and reliability goals
• Manage and streamline monitoring systems to enhance observability and enable proactive identification of issues.
• Coordinate and manage incidents, upgrades and changes for InfoSec’s applications and services
• Drive post-incident analysis with partner teams and/or vendors to identify root cause and ensure preventative measures are implemented promptly
• Assist in Security Incident investigations
• Manage a scalable and highly available solution for security logging and drive efforts of logging onboarding for increased security visibility
• Perform Production Readiness Assessments of new services to identify reliability needs and surface potential gaps
• Develop and maintain documentation and runbooks to reduce MTTR and inform future automation development
• Work cross functionally across global time-zones requiring flexible work hours
• Participate in 24/7 on-call rotations

Experience you'll need:

• Bachelor degree in Computer Science or related field or equivalent experience
• 8+ years experience in security engineering, building and managing security solutions across the stack (on-prem and cloud)
• Strong understanding of logging and data management best practices and strong experience in any logging and/or SIEM platform
• Experience with Vault, Terraform, Puppet, Jenkins and Github
• Proficiency in any scripting language (Python, PowerShell, Perl, Ruby, shell, etc.)
• Working experience in GCP
• Operational knowledge of Linux and Windows systems
• Experience with security automation and data management tools (XSOAR, Phantom, Snowflake, etc)
• Prior experience working in environments with NIST 800-53, NIST 800-171 controls or FedRAMP requirements

Preferred Qualifications:

• Security certifications are a plus (CISSP, CISM, SANS certs, vendor certs, etc.)
• Experienced knowledge of container technologies (Docker, Kubernetes, etc), microservices and CI/CD pipelines

Security and Privacy Responsibilities:

• Know, acknowledge, and follow system-specific security policies and procedures;
• Protect data and individual privacy per requirements and regulations;
• Perform ongoing activities in compliance with service and contractual obligations;
• Participate in role-based training, completing assignments on a timely basis;
• Report security issues promptly, and aid investigation when needed;
• Support controlled changes and vulnerability remediation activities; and
• Work collaboratively with Information Security in designing, implementing, assessing or enhancing system-specific security and privacy controls.

Position Risk Designation:

This position carries duties and responsibilities involving the U.S. Federal Government’s interests. The selected incumbent may be subject to one or both of the additional background checks with periodic re-screening as noted below:

Position Risk Designation: Non-Sensitive, Low Risk, Tier 1

Incumbents without access to U.S. Government data may be required to complete Standard Form 85 and undergo a Tier 1 Investigation (T1) for non-sensitive positions of Low Risk.

Equal Opportunity Employer/Veterans/Disabled

Rubrik is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.