Senior Manager, Site Reliability Engineering

About the team:

The Information Security organization advances the overall state of security at Rubrik through critical initiatives and coordination of large security projects. Information Security builds technologies, tools, and processes to better enable teams at Rubrik to develop secure software and protect data and systems with appropriate security controls. Information Security also develops systems to monitor and respond to attacks against our assets, provides awareness education to teams on security best practices for data protection, and ensures data governance and data sharing relationships with third parties in order to securely protect Rubrik information. 

Where can you make an impact?

Rubrik is seeking creative problem solvers with a passion for cyber security. In this role you will partner with all parts of the business to build security solutions that help secure the brand and protect the organization, company and customer environments. You will be responsible for executing security engineering programs and managing security technologies across the board. The ideal candidate for this role is someone who can build innovative ways to deliver frictionless security capabilities to enhance the security posture of the organization.

What you'll do:

• Join Rubrik’s InfoSec team as a Site Reliability Engineering (SRE), Senior Manager to help support and scale cloud security services for Information Security’s Engineering and CloudOps teams
• As a Site Reliability Engineering Senior Manager, you will be leading a team responsible for providing security solutions and managing security infrastructure in cloud and datacenter environments in support of internal customer security needs using tools and techniques such as monitoring, testing, automation, and incident response
• The successful candidate will be highly self-motivated with a passion for excellence, quality and detail
• The SRE Senior Manager will support operations, maintenance, and collaborate with the developers and architects to define requirements, standards, aid in the design; and implementation to deliver new infrastructure services and improve stability, security, and scalability
• Drive Security automation tasks that span from Security Operations to Infrastructure as Code in support of Security initiatives
• Drive Production Readiness Assessments of new services to identify reliability needs and surface potential gaps
• Develop and maintain system performance SLA’s
• Manage and prioritize team priorities, commitments, and strategic roadmaps
• Drive projects that have a broad impact across the organization
• Manage on-call responsibilities and resource availability for mission critical systems
• Oversee the planning, implementation, and maintenance of the Security infrastructure and services
• The ideal candidate would also mentor, coach, and evaluate the site reliability engineers on the team ensuring that they have the necessary skills, knowledge, and resources to deliver high-quality results

Experience you'll need: 

• 8+ years experience in security engineering, building and managing infrastructure solutions across the stack (on-prem and cloud) 
• Strong understanding of logging and data management best practices and strong experience in any logging and/or SIEM platform
• Experience with Vault, Terraform, Puppet, Chef, Jenkins and Github
• Proficiency in any scripting language (Python, PowerShell, Perl, Ruby, shell, etc.)
• Working experience in GCP, AWS or Azure
• Working knowledge of GCP, AWS or Azure security controls, tools, and resource management
• Operational knowledge of Linux and Windows systems
• Experience with with security automation and data management tools (XSOAR, Phantom, Snowflake, etc)

Preferred Qualifications:

• Security certifications are a plus (CISSP, CISM, SANS certs, vendor certs, etc.)
• Basic knowledge of container technologies (Docker, Kubernetes, etc), microservices and CI/CD pipelines
• Prior experience working in environments with NIST 800-53, NIST 800-171 controls or FedRAMP requirements

This position carries special Security and Privacy Responsibilities for protecting the U.S. Federal Government’s interests:

• Know, acknowledge, and follow system-specific security policies and procedures;
• Protect data and individual privacy per requirements and regulations;
• Perform ongoing activities in compliance with service and contractual obligations;
• Participate in role-based training, completing assignments on a timely basis; 
• Report security issues promptly, and aid investigation when needed;
• Support controlled changes and vulnerability remediation activities; and
• Work collaboratively with Information Security in designing, implementing, assessing or enhancing system-specific security and privacy controls.  

This position carries responsibilities and duties involving U.S. Government interests. The selected incumbent may be subject to any or all of the additional background checks noted below:

Position Risk Designation: Non-Sensitive, Low Risk, Tier 1 

Incumbents without access to U.S. Government data may be required to complete Standard Form 85 and undergo a Tier 1 Investigation (T1) for non-sensitive positions of Low Risk. (Baseline screening; formerly National Agency Check and Inquiries (NACI)).

Position Risk Designation: Non-Sensitive, Moderate Risk, Tier 2 (Public Trust)

Incumbents with access to U.S. Government data may be required to complete Standard Form 85P and undergo Tier 2 (T2) Investigation for non-sensitive positions designated Moderate Risk.

Position Risk Designation:Moderate Risk Law Enforcement (CJIS)

When hired for a position where access to Moderate Risk criminal justice information is required, the employee must complete a fingerprint-based national criminal history background check within 30 days after the employee’s start date.