Director, Threat Intelligence & Detection Engineering

About the Team

This position is in our Managed Detection and Response (MDR) service, guiding the formation and execution of the company’s detection strategy and overseeing the direction of Threat Intelligence and Detection Engineering (TIDE) team, including our Threat Hunting program. The mission of this function is to deliver world class detection engineering, threat hunting, and malware analysis to Rapid7 customers and partners across the globe.

Our detection engineering professionals curate threat intelligence to create detections resulting in alerts worthy of human review through applied research, observation of malicious actor behavior, and emerging threats. Our vision is to know when, by whom and why. We work across the incident lifecycle to build detections and identify patterns of activities to better understand an adversary’s actions, expedite response, and constantly update the collective understanding of threats. We leverage this knowledge to arm security practitioners with the actionable intelligence they need to defend their organizations.

About the Role

Are you passionate about changing the game in security? How about leading the charge against adversaries across a dynamic target base? As the leader of Rapid7's detection engineering, you will oversee a team of extremely talented, driven, and creative front line practitioners, and you will drive our detection strategy, having an ownership role in our future direction in this critical capability.

In this role, you will:

• Oversee the direction of our TIDE function, including our malware analysts and detection engineers.
• Lead the formulation and evolution of Rapid7’s detection and threat hunting strategy.
• Collaborate closely with our global MDR Operations, Product, Engineering, PMO, and Customer Advisor teams to facilitate positive outcomes for internal and external customers.
• Serve as a technical and managerial escalation point for complex challenges.
• Promote healthy, positive work habits and environments to reduce fatigue and encourage a sustainable work-life balance.
• Drive innovation for our products and services to streamline processes, improve reliability and efficacy of our tools, and reduce noise.
• Be an escalation point for more senior team members and Rapid7 customers.

The skills you’ll bring include:

• 10+ years of cyber security experience (preferably focused on detection, malware analysis, incident response, and/or threat intelligence)
• 5+ years of experience leading security practitioners and detection functions
• Prior experience with graphical link analysis tools (Maltego, Analyst Notebook, Palantir)
• Prior experience with threat indicator management platforms (ThreatQ, Anomali, RecordedFuture)
• Advanced knowledge of common operating systems, services, networking protocols, logging, attacker techniques and tools
• Prior operational experience leveraging threat intelligence to detect and respond to adversaries
• Expertise in tools and techniques for analyzing large sets of data
• Extremely strong written and verbal skills

A plus if you have:

• Scripting, software development, engineering, and/or devops experience

• Prior MDR and/or MSSP experience

• Publications and conference speaking engagements

• Maltego experience

• ThreatQ experience

We know that the best ideas and solutions come from multi-dimensional teams. That’s because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don’t be shy - apply today.

About Rapid7

At Rapid7, we are on a mission to create a secure digital world for our customers, our industry, and our communities. We do this by embracing tenacity, passion, and collaboration to challenge what’s possible and drive extraordinary impact.

Here, we’re building a dynamic workplace where everyone can have the career experience of a lifetime. We challenge ourselves to grow to our full potential. We learn from our missteps and celebrate our victories. We come to work every day to push boundaries in cybersecurity and keep our 11,000+ global customers ahead of whatever’s next.

Join us and bring your unique experiences and perspectives to tackle some of the world’s biggest security challenges.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or any other status protected by applicable national, federal, state or local law.