
Rubrik

Application Security Engineer - FedRAMP

Palo Alto, CA

Full details on LinkedIn

The complete job description, requirements, and application details are available on the original posting.


About Rubrik

Rubrik, Inc. is a prominent American company specializing in cloud data management and data security. Founded in 2014 and based in Palo Alto, California, Rubrik aims to secure data through its innovative Zero Trust Data Security™ approach, protecting organizations from cyber threats like ransomware. The company has experienced significant growth, going public in April 2024 and achieving a valuation of $3.3 billion by 2019. Rubrik offers a comprehensive platform that streamlines data backup, recovery, and management across hybrid and multi-cloud environments. Its flagship solution, Converged Data Management, integrates backup, recovery, replication, and analytics into a single platform, enhancing data resilience against cyberattacks. The company's services include cloud data management, enterprise data protection, and cyber resilience solutions, catering to a diverse range of customers such as hospitals, schools, government agencies, and large businesses. Rubrik is dedicated to helping organizations recover swiftly from cyber incidents while maintaining data integrity.

Industry

information technology & services

Employees

3,200

1534 engineers

Revenue

$978M

Security at Rubrik

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

3 Intel Signals

Security Philosophy

  • Rubrik's AppSec philosophy centers on securing the platform through a secure SDLC, which includes secure design, coding, testing, and release.
  • They aim to implement frictionless 'shift-left' strategies, embedding security early in the development process.
  • Their risk approach involves continuous and dynamic scanning, an in-house product security team for vulnerability triaging, and independent third-party penetration testing.

Security Team

  • The security organization at Rubrik is described as a "dedicated, globally distributed security team" operating "under the leadership of the CISO," Michael Mestrovich.
  • A Senior Engineering Manager role in Product Security indicates leading "two engineering teams (8-10 engineers total)," providing a size datapoint.
  • Additionally, the careers portal listed "2 openings" in Information Security at the time of research.

Key Initiatives

  • Rubrik's initiatives include implementing "frictionless 'shift-left' strategies" and embedding security across development phases.
  • Their workflows involve a secure SDLC spanning four stages (secure design, secure coding, secure testing, secure release), threat modeling, security reviews, and design reviews.
  • Vulnerability remediation is driven by an in-house product security team "based on internally defined service level agreements (SLAs)," and independent third-party penetration tests are performed before General Availability.
