Dragos is on a relentless mission to defend industrial organizations that provide us with the necessities of modern civilization; running water, functioning electricity, and safe industrial working environments. As the market leader in ICS/OT Cybersecurity, we are dedicated to arming our customers with best-in-class technology, threat intelligence, and services to protect their systems as effectively and efficiently as possible. We're a remote-first culture with operations in North America, Europe, the Middle East, and APAC. We're looking for mission-oriented teammates who embody our core values of authenticity, transparency, and trust. Are you ready to make a difference? Come join a mission that can save the world!
About the Role:
Dragos is seeking a highly skilled Senior Software Engineer to join our Vulnerability Analysis content team. The ideal candidate will play a pivotal role in accelerating the delivery of vulnerability findings to our customers through robust automation and tooling. Collaborating closely with our team of vulnerability analysts, this person will be responsible for designing, building, and maintaining the CI/CD pipeline that powers our analysis review and deployment workflows. This critical function supports the rapid and accurate dissemination of vulnerability intelligence to protect operational technology (OT) environments.
Responsibilities:
- Design, build, and maintain CI/CD pipelines for content review, validation, and deployment, including vulnerability analysis, asset catalogs, and report generation.
- Develop and improve analyst workflows and tooling to streamline the vulnerability analysis and publication process.
- Partner with vulnerability analysts to understand pain points and automate repetitive tasks in the content creation lifecycle.
- Implement automated testing frameworks including unit, integration, and end-to-end tests for vulnerability content validation.
- Implement and maintain data validation, schema enforcement, and content quality assurance automation to ensure accuracy and consistency of vulnerability findings.
- Collaborate with other engineering teams to integrate vulnerability content delivery into broader Dragos systems.
- Mentor junior engineers and guide best practices.
- Continuously improve deployment velocity and content quality.
Qualifications:
- 5+ years in a production software development environment, with 2+ years of experience with Python development.
- 1+ years of experience designing and maintaining CI/CD pipelines using tools such as Jenkins, GitLab CI, GitHub Actions, or similar.
- Experience with containerization technologies (Docker, Kubernetes) and infrastructure-as-code (Terraform, Ansible, or similar).
- Experience with cloud platforms (AWS, Azure, or Google Cloud Platform) and cloud-native services.
- Demonstrated ability to design and build developer tooling and workflow automation that improves team productivity.
- Proficiency with git workflows, branching strategies, and code review processes at scale.
- Solid understanding of Linux systems administration and command-line tooling.
- Strong communication skills with the ability to translate technical concepts for non-technical stakeholders.
- Experience working in a security-focused environment or with security content delivery pipelines is a plus.
- ICS/OT knowledge and experience is nice to have.
- Rust knowledge and experience is nice to have.
- Experience with observability tools (Prometheus, Grafana, ELK stack, or similar) is helpful.
- Background in vulnerability management, threat intelligence, or security operations is a bonus.
Compensation:
- Competitive Equity Package
- Comprehensive Benefits Plan
#LI-JF1 #LI-REMOTE
#LI-NH1 #LI-REMOTE
Dragos is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, state, or local laws. All new hires must pass a background check as a condition of employment.
Never miss an opportunity! Create an alert based on the job you applied for.
