Cybersecurity Engineer (Remote)
Quick Summary
RainFocus, one of the most innovative software companies, is in search of an exceptional Cybersecurity Engineer. About RainFocus RainFocus cares about its employees, customers,
About the Role
~4 min readAs a Security Engineer, you will play a critical role in safeguarding our organization's digital assets, infrastructure, and application ecosystem. This is a mid-level, autonomous role (not entry-level) where you will bridge the gap between IT operations, software development, and risk management.
You won't just be reviewing logs, settings, and configs; you will be actively replicating vulnerabilities, collaborating with developers on secure architecture, managing our bug bounty program, and keeping our security tool stack running smoothly.
Vulnerability & Application Security Management: Own the vulnerability management program end-to-end: oversee continuous vulnerability scanning (Tenable) and software composition analysis/code dependencies (Sonarqube), drive remediation across teams, and replicate and validate discovered vulnerabilities using tools like Burp Suite and Kali Linux.
Crowdsourced Security & Threat Intel: Manage and triage our crowdsourced bug bounty program (BugCrowd) and monitor our external security posture rating (Bitsight).
Secure Development Collaboration: Act as the security voice in developer architecture meetings. Partner with engineering teams to review code dependencies, threat-model new features, and ensure secure coding practices.
Risk & Change Management: Own and conduct system impact analyses for proposed changes, represent security on the Change Control Board (CCB), and lead threat modeling sessions for new systems, features, and infrastructure changes.
Incident Management & Operations: Triage and document security incidents within OneTrust and Jira. Collaborate with DevOps to ensure security tools are properly deployed across AWS environments and endpoint configurations.
Endpoint & Tool Oversight: Maintain a "read-only/audit" oversight of our endpoint detection, MDM, and email security tools (Sophos, JAMF, BetterCloud) to ensure compliance and active alerting.
Security Awareness & Culture: Administer the security awareness learning modules (RF Academy) and lead internal initiatives to keep security top-of-mind for all employees.
Citizenship: All candidates must be a US citizen.
Experience: 3–5 years of dedicated experience in a technical cybersecurity role (e.g., Security Engineer, AppSec Engineer, or Senior Security Analyst, etc.).
Application Security: Strong familiarity with the OWASP Top 10, web application security testing, and reviewing secure code dependencies (SCA).
Vulnerability Assessment: Proven experience running enterprise vulnerability scanners, interpreting results, and driving remediation across cross-functional teams.
Cloud & Infrastructure: Foundational knowledge of cloud environments (specifically AWS) and securing cloud-native applications.
Communication: Excellent collaboration skills. You must be able to sit down with software developers, understand their sprint goals, and help them fix security bugs without breaking their workflow.
Direct experience with our specific stack is a massive plus:
AppSec/PenTesting: Burp Suite, Kali Linux, BugCrowd, Sonarqube
SecOps & Vulnerability: Tenable, Bitsight, OneTrust
IT & Endpoint Ecosystem: Jira, AWS, Sophos, JAMF, PDQ, BetterCloud
Certifications: CompTIA Security+, CEH, GIAC, or progress toward a CISSP, or other relevant certifications
Automation: Basic scripting skills (Python, PowerShell, or Bash) to automate repetitive security tasks or log analysis.
Security Frameworks: Experience with maintaining compliance with PCI-DSS, ISO 27001, and SOC 2 frameworks.
Artificial Intelligence: Experience utilizing AI to improve productivity and efficiency, as well as experience reviewing AI tools, integrations, and features.
Proactive Remediation: Decreased time-to-remediation for vulnerabilities identified by Tenable and BugCrowd.
Seamless Dev Integration: Active, constructive participation in developer sprint/architecture cycles, resulting in fewer security defects reaching production.
Incident Readiness: Efficient tracking, documentation, and resolution of incidents within OneTrust
Location & Eligibility
Listing Details
- Posted
- July 16, 2026
- First seen
- July 17, 2026
- Last seen
- July 18, 2026
Posting Health
- Days active
- 0
- Repost count
- 0
- Trust Level
- 76%
- Scored at
- July 17, 2026
Signal breakdown

RainFocus is the next-generation event marketing platform built to capture and analyze unprecedented amounts of first-party data for exceptional events and optimized engagement throughout the customer journey.
View company profilePlease let Rainfocus know you found this job on Jobera.
3 other jobs at Rainfocus
View all →Explore open roles at Rainfocus.
Similar Security Engineer jobs
View all →Browse Similar Jobs
Stay ahead of the market
Get the latest job openings, salary trends, and hiring insights delivered to your inbox every week.
No spam. Unsubscribe at any time.