Lead Security Engineer - Threat Detection (Texas)
At Rapid7, our security program not only secures our company’s assets and people but also plays a part in securing our 9,000+ customers worldwide. As a company, Rapid7 believes in eliminating the gaps in security programs through visibility, analytics, and automation. Our goal is to deliver security solutions for the modern enterprise that address evolving threats. This mission feeds everything we do for our internal security programs.
We view security as an opportunity to create value for our business rather than an obstacle to it, by providing great security that is also usable, making our internal and external customers’ lives easier and more secure. Our core values guide us along the way and are essential factors in our success.
Do you love working in Information Security and want to tackle challenging problems with talented people whom you can help develop and learn from? Do you believe that great security and usability can and should go hand in hand? Are you constantly thinking of ways to improve security processes, tools, or architectures? If so, you might be a great fit for this role!
What Rapid7 can do for you
We have a unique company culture that is rooted in these five core values:
Bring you - at Rapid7 we recognize that the best solutions come from smart people working together. We provide the space for you to bring your best ideas and your best work, but most importantly, your true self.
Challenge convention - innovation doesn’t come from regurgitating the same solutions. At Rapid7 we offer the opportunity to push the envelope and take educated risks together for the advancement of cybersecurity.
Impact together - the problems we’re working to solve not only require us to come together as a single herd of Moose, but to support and help each other get better every day. Rapid7's culture promotes coming together to achieve the impact the world needs.
Be an advocate - challenging convention is more than innovative solutions; it's advocating together for a better tomorrow. Rapid7 offers the platform for our Moose to research, publish, speak, and move the industry forward.
Never done - curiosity is the lifeblood of Rapid7. We offer our Moose the opportunity to grow their skills and careers in pursuit of solutions.
What you will do at Rapid7
This role is part of our internal Security Operations team, which is part of our Information Security group in the Office of the CTO. In this role, you will:
Automate triage, analysis, response, and remediation tasks and processes with code, APIs, and SOAR tools
Conduct log analysis across a diverse ecosystem of technology (operating systems, internally-developed web apps, software-as-a-service apps, cloud infrastructure)
Conduct incident root cause analysis (RCA) and incident reviews
Lead organized hunts to find unknown security incidents, gaps in visibility, or areas for improvement in security controls
Develop and test incident response playbooks
Contribute to the creation and tuning of detection rules
Help us create a company full of security evangelists who partner with you to solve the greatest security challenges
Collaborate to prevent, detect, and respond to incidents in traditional and cloud-based infrastructure
Consult on security impacting projects and advocate for threat detection & response needs
Participate in the security incident commander on-call rotation
Help us advance security in our own programs, for our customers, and for the security community at large
Conduct research to keep up to date on threat actors and new TTPs
What you will bring with you
A security engineering mindset with an abundance of curiosity
Experience automating threat detection and response activities using web APIs, SOAR tools, and coding/scripting languages such as Python or Go
Excellent interpersonal skills and ability to see things through the customer’s eyes
Broad information security experience in disciplines such as detection engineering, threat hunting, digital forensics, and incident response
Experience monitoring and responding to security incidents involving traditional (Windows, Mac, Linux) and cloud-based infrastructure (AWS, GCP, and/or Azure)
Demonstrable analytical expertise, attention to detail, critical thinking, and adaptive learning
Solid understanding of cyber threats, adversary techniques, response procedures, enterprise architecture, and general threat detection methods
Experience in designing, implementing, and automating processes and tools to improve incident detection and response
Solid understanding of, and interest in, recognized information security standards and technologies (gained through training, job experience, and/or industry activities)
Capability to map technical findings to business impact and communicate with non-technical audiences
Working knowledge of core enterprise IT concepts (web application architectures, networking, hybrid cloud, etc.)
Knowledge of industry recognized security and analysis frameworks (MITRE ATT&CK, Kill Chain, Diamond Model, NIST Incident Response, etc.)
Pluses
Previous DFIR consulting experience
Experience with operating system internals, hardening approaches, web application security, and detection engineering
Experience with host-based and network-based forensic concepts / tools
Equal Opportunity Employer
Here at Rapid7, we fundamentally believe that every person deserves an equal opportunity to build an exceptional career! We embrace our similarities, celebrate our differences, and strongly believe that EVERYONE has the right to be treated with respect and dignity. We have a ZERO tolerance policy for discrimination based on race, ethnicity, religion, gender, sexual orientation, gender identity, national origin, disability, veteran status, marital status, or any other status protected under federal, state, or local law. More importantly, we fundamentally believe it’s the right way to build a business and a healthy community. We pride ourselves on our unique culture and our commitment to diversity, equity, and inclusion; it is the stitch that holds the fabric of our culture together!