This is a remote position. Security Engineer Overview We are seeking a Security Engineer to design, implement, and maintain security controls across cloud environments, data platforms, and AI-driven applications. This role will focus on protecting systems built on AWS, Azure, Tableau, Power BI, and DealCloud CRM, ensuring the confidentiality, integrity, and availability of data and applications. This is a hands-on technical role ideal for someone with strong cloud and application security experience, with exposure to modern data and AI environments. Key Responsibilities - Design and implement security controls across cloud environments (AWS, Azure) - Secure applications, APIs, and data pipelines supporting AI and analytics platforms - Implement and manage identity and access management (IAM) and role-based access controls - Conduct vulnerability assessments, penetration testing coordination, and risk analysis - Monitor systems using SIEM and security tools to detect and respond to threats - Ensure secure data handling, encryption, and data governance practices - Support integration security for BI tools (Tableau, Power BI) and CRM platforms (DealCloud) - Collaborate with DevOps and engineering teams to embed security into CI/CD pipelines (DevSecOps) - Respond to and support remediation of security incidents and vulnerabilities - Maintain and enforce security policies, standards, and compliance requirements Requirements Required Qualifications - 4–7 years of experience in Cybersecurity, Security Engineering, or Cloud Security roles - Hands-on experience securing AWS and/or Azure environments - Strong understanding of network security, application security, and cloud security principles - Experience with IAM, access control, and authentication mechanisms - Experience with security tools (e.g., SIEM, vulnerability scanners, endpoint protection) - Knowledge of encryption, data protection, and secure coding practices - Experience with API security and microservices architectures - Strong problem-solving and analytical skills Key Traits for Success - Strong security-first mindset with attention to detail - Ability to identify and mitigate risks proactively - Collaborative approach with engineering and data teams - Adaptability in a fast-evolving, AI-driven environment - Strong communication skills across technical and non-technical audiences

As a Vector Command Specialist, you will work with a team of offensive security consultants to help clients improve their security posture through your technical skills and knowledge of attack surface management strategies. You will serve as a technical analyst and customer liaison. You will also work with various Managed Services teams to help deliver monthly reports to customers, address customer needs, and assist with other security consultant deliverables. About the Team Vector Command is an always-on Red Team operation supporting multiple customers. As part of a specialized team, you will emulate real adversaries by performing large-scale reconnaissance, identifying exposed or high-value assets, and discovering weaknesses that can be leveraged for compromise. After gaining access, the team continues with post-compromise objectives to demonstrate real impact, evade detection, and assess the effectiveness of security controls. This service evaluates far more than vulnerabilities-it tests the customer's entire security posture and defense-in-depth strategy. In addition to offensive operations, you will support customers through external attack surface analysis, exposure reconnaissance, integration of accounts and tools, preparation of monthly Red Team reports, and prioritization of customer requests. Daily collaboration with Vector Command operators is essential, as is maintaining awareness of new vulnerabilities, shifts in customer attack surfaces, and changes across customer environments. About the Role Your primary responsibility will be to support Vector Command customers by conducting external attack surface analysis, exposure reconnaissance, account and tool integrations, preparing monthly red team report deliverables, and prioritizing customer requests. You will work daily with Rapid7's Vector Command Red Team operators, assisting with ongoing red team exercises and staying up to date on the latest vulnerabilities, customer attack surface changes, and exposures within customer environments. Specifically, your focus will be to: - Onboard customers to the Vector Command platform and technologies. - Oversee and ensure the completeness of customer report deliverables. - Serve as the primary point of contact for customer inquiries related to testing operations, alerts, or general Vector Command questions associated with Red Team activities. - Coordinate and host monthly Vector Command Red Team update calls in conjunction with a Rapid7 Red Team lead. - Translate technical concepts and communicate them effectively to non-security personnel. - Coordinate communications between internal Rapid7 services on behalf of customers, including the Managed Detection and Response (MDR) and Managed Vulnerability Management (MVM) teams. - Provide monthly written summaries of each customer's attack surface and Vector Command Red Team operations. - Analyze each customer's exposures and attack surface within the Vector Command platform. - Conduct manual network and service reconnaissance to identify new exposures. - Perform Open-Source Intelligence (OSINT) gathering on customers to identify attack surface elements that extend beyond traditional network services. - Keep the Red Team informed of significant changes in customers' attack surfaces. - Coordinate customer requests and prioritizations with the Red Team operators. - Develop scripts to query and analyze attack surface data from numerous sources and automated systems. - Perform entry level penetration testing activities against external assets, as assigned by the Red Team lead. The skills and qualities you'll bring include: - 3+ years in an active technical security role. - Knowledge of modern penetration testing tools and methods. - Knowledge of external attack surface reconnaissance techniques to identify customer's internet facing exposures. - Strong knowledge of network, web-based application, and IEEE 802.11 security concepts. - Knowledge of Windows/Linux/UNIX internals and the Internet protocol suite. - Experience using scripting languages such as Python and PowerShell - Experience with social engineering techniques and tactics related to reconnaissance and OSINT gathering. - Certifications such as CREST, GPEN, PJPT, PNPT, CPTS, or OSCP are preferred. - Excellent written and verbal communication skills. - Collaborative mindset, contributing to knowledge sharing and cross training - Demonstrates a strong sense of ownership and commitment to the "end-to-end" testing process. Holds themselves and other accountable to driving value and customer outcomes from the initial pre-engagement planning to the final remediation phase - Core Value Embodiment: Embody our core values to foster a culture of excellence that drives meaningful impact and collective success. We know that the best ideas and solutions come from multi-dimensional teams. That's because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don't be shy - apply today. #LI-PB1 #LI-Remote About Rapid7 At Rapid7, our vision is to create a secure digital world for our customers, our industry, and our communities. We do this by harnessing our collective expertise and passion to challenge what's possible and drive extraordinary impact. We're building a dynamic and collaborative workplace where new ideas are welcome. Protecting 11,000+ customers against bad actors and threats means we're continuing to push the envelope just like we' ve been doing for the past 20 years. If you 're ready to solve some of the toughest challenges in cybersecurity, we're ready to help you take command of your career. Join us.

We are seeking a motivated Cyber Software Engineer with strong foundations in distributed systems, embedded networking, and hands‑on security‑focused engineering. In this role, you will contribute to the design, development, and prototyping of advanced cyber research capabilities spanning modern computing environments, IoT platforms, and hardware‑adjacent systems. This position is ideal for an engineer who has demonstrated initiative through research, system‑level experimentation, and security‑relevant tooling, and who is ready to grow into a full‑spectrum cyber researcher under the guidance of other engineers. The ideal candidate brings experience in embedded systems, lightweight communication protocols, distributed sensor networks, side‑channel or hardware‑level analysis, and automation frameworks, with a strong desire to expand into vulnerability research, adversary simulation, and mission‑aligned capability engineering. Primary Responsibilities - Contribute to cyber research initiatives involving distributed systems, embedded platforms, and hardware‑adjacent workloads. - Develop and maintain software components, automation frameworks, and communication mechanisms for research prototypes. - Support analysis of binaries, firmware, and embedded systems to understand behavior, performance characteristics, and potential weaknesses. - Assist in designing and evaluating resilient communication channels, lightweight networking protocols, and covert or constrained‑environment data exchange mechanisms. - Prototype automation and AI‑assisted approaches for reconnaissance, decision‑making, and workflow acceleration. - Analyze adversarial behaviors, system bottlenecks, and protocol‑level vulnerabilities to inform capability design. - Collaborate with other engineers, hardware researchers, and mission teams to integrate software, embedded, and AI‑driven components into cohesive prototypes. - Document research findings, prototype behavior, and architectural concepts for technical and operational audiences. - Participate in iterative testing cycles, system evaluations, and internal experimentation to refine tools and methodologies. - Stay current with emerging trends in embedded security, distributed networking, side‑channel research, and AI‑enabled cyber capabilities. Basic Qualifications - Masters degree in Computer Science, Computer Engineering, or related field. (in progress or completed). Degree must be completed by start date. - Strong programming experience in Python, C/C++, and Bash, with demonstrated ability to build system‑level or automation tooling. - Experience with embedded systems, microcontrollers, and IoT platforms. - Familiarity with networking fundamentals, distributed algorithms, and communication protocol design. - Exposure to security‑relevant engineering, including side‑channel power analysis, hardware‑level workload profiling, penetration‑testing‑adjacent tooling. - Hands‑on experience with Linux environments, scripting, and infrastructure maintenance. - Ability to communicate technical concepts clearly in both written and verbal formats. - Demonstrated initiative through research projects, lab leadership, or open‑source contributions. - US citizenship is required. - Ability to obtain and maintain Top Secret/SCI with Polygraph security clearance. Preferred Qualifications - Active TS/SCI security clearance with Polygraph. - Experience with side‑channel analysis, hardware‑level measurement, or embedded security research. - Familiarity with distributed sensor networks, concurrency optimization, or low‑bandwidth communication systems. - Experience developing or modifying security‑relevant tools, automation scripts, or data‑collection frameworks. - Exposure to reverse engineering fundamentals or firmware‑level inspection. - Background in AI/ML applied to systems analysis, communication optimization, or security workflows. - Experience with web scraping, headless browser automation, or data‑acquisition pipelines. - Familiarity with microcontroller debugging interfaces (UART, SPI, JTAG) or firmware modification workflows. If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares. Original Posting: April 9, 2026 For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above. Pay Range: Pay Range $69,550.00 - $125,725.00 The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

• Improve platform reliability and scalability so product teams can ship with confidence across Workleap and ShareGate; • Reduce security and compliance risk through guardrails embedded directly into delivery workflows; • Increase engineering autonomy by reducing dependency on centralized infrastructure support; • Increase system resilience and minimize service disruption through stronger observability, incident response, and proactive capacity planning; • Elevate team impact and organizational leverage by building a high-performing infrastructure and security function; • Improve executive decision-making with clear, business-relevant visibility into security, compliance, and risk posture.