Senior Operations Engineer, Recorded Future
Site Reliability , Elasticsearch and Kubernetes
Threat intelligence platform
Be an early applicant
Threat intelligence platform
1001+ employees
Be an early applicant
1001+ employees
Company mission
To empower customers with real-time threat intelligence so that they can defend their organizations against threats at the speed and scale of the internet.
Role
Who you are
- Passion for “digging deep” and looking for “weird things” in the system that could indicate pending issues not captured in monitoring
- Experience with one or more metrics collection tools (managed and self-hosted): Prometheus, DataDog, InfluxDB, Telegraph, VictoriaMetrics
- Experience or desire to build visualization dashboards
- Experience with deployment of applications within a Kubernetes environment (preferably) or containerization (Docker, etc)
- Ideally, experience with Kubernetes administration and custom operators
- Ideally, experience with Python
- Experience with network and vulnerability scanning tools a huge plus (nmap, zmap, masscan, nuclei, burp, NESSUS, etc)
- Familiarity with the network stack and operating system tuning: TCP/IP, conntrack, NAT, etc
- Experience with data warehouses (Elasticsearch, ClickHouse, ScyllaDB, PostgreSQL)
- Experience with data processing pipelines using Apache Spark
- Experience with messaging queues such as Apache Kafka, RabbitMQ, and Redis
What the job involves
- The Attack Surface Intelligence (ASI) scanning team is responsible for building and operating the tools and infrastructure which identify potential vulnerabilities in customers’ publicly-exposed infrastructure
- This involves port scanning, headless browsing, and active vulnerability scanning at various levels
- The goal is to continuously improve both the breadth and depth of detection capabilities
- The role is intended to be embedded in the scanning team, working closely with DevOps, Data, and Product Management to ensure the health of the ASI scanning infrastructure and application
- The focus is on understanding how the application runs in the real world and ensuring it operates as intended
- Additionally, the role will involve responsibilities for ensuring the reliability and performance of a data platform that includes data warehouses, data processing pipelines, and various messaging queues
- Work with Product Management to determine internal Service Level Objectives (SLOs) representing the long-term health of the scanning system (both infrastructure and application)
- Build and maintain metric collection that can feed Service Level Indicators (SLIs) to guarantee SLOs
- Build and maintain dashboards displaying SLIs, SLOs, and other key metrics indicating the health of the application
- Investigate cases where the scanning infrastructure or application is not performing as desired, provide guidance to the development team for improvements, and develop additional metric collection/alerting as needed
- Identify application/deployment configuration optimizations for best use of resources and impending resource gaps
- Work closely with DevOps to maintain and improve custom Kubernetes-based application deployment operators
- Identify and fix automation gaps to reduce operational toil
- Ensure the reliability and performance of the data platform, including data warehouses (Elasticsearch, ClickHouse, ScyllaDB, PostgreSQL)
- Manage and optimize data processing pipelines using Apache Spark
- Work with messaging queues such as Apache Kafka, RabbitMQ, and Redis to ensure seamless data flow and processing
- Develop and maintain metric collection, monitoring, and alerting for the data platform
- Build and maintain dashboards displaying key metrics for data platform health and performance
- Collaborate with data engineering teams to troubleshoot and resolve issues related to data storage, processing, and messaging
- Implement best practices for data platform security, scalability, and performance
Our take
Cybersecurity threats are increasingly urgent for businesses, governments, and citizens worldwide, growing in both number and sophistication. Recorded Future has spent over a decade developing a solution to this problem. Its platform leverages billions of data points from across the internet, including dark web sources, state actors, and vulnerability information, to identify and anticipate cybersecurity threats.
While many cybersecurity firms are emerging due to the surging demand, Recorded Future stands out with its market-leading pedigree. Originally funded by In-Q-Tel and Google, its clients include private contractors for the US Intelligence Community, and it has produced influential reports on major cybersecurity issues.
Continuing to expand its capabilities, by adding identity intelligence, attack surface intelligence, and card fraud intelligence. Partnering with companies like Microsoft, it researches new cyber threats. To stay ahead in the evolving cybersecurity field, it must maintain this momentum, and all signs suggest it has the resources, talent, and ambition to succeed.
Freddie
Company Specialist
Insights
Company
Funding (last 2 of 6 rounds)
Oct 2017
$25m
SERIES E
Apr 2015
$12m
SERIES D
Total funding: $58.7m
Company benefits
- Professional development and career advancement
- Flexible work environment, be yourself
- Generous vacation policy
- Wellness programs
- Company outings
- Free snacks, drinks, and coffee in the office
- Parental leave program
- Environmentally conscious
Company HQ
Powder House Square, Somerville, MA
Articles
Leadership
Staffan Truvé
(CTO)Chairman at Makewave AB, Interspecrtal, and Qamcom Research and Technology, alongside being a Board Member at Vinnoca and WASP.
Christopher Ahlberg
(CEO)Previously the founder & CEO of TIBCO Software. Now a Board Member for the Hult International Business School and the Global Emancipation Network.
Salary benchmarks
We don't have enough data yet to provide salary benchmarks for this role.
Submit your salary to help other candidates with crowdsourced salary estimates.
Share this job
View 14 more jobs at Recorded Future