Director, Security Operations
Company Description
Rapid7 (NASDAQ: RPD) is helping organizations around the globe advance securely. Our technology, services, and community-focused research simplify complexity for security teams, helping them reduce vulnerabilities, monitor for malicious behavior, investigate and shut down attacks, and automate routine tasks. With more than 9000 customers across 120+ countries, Rapid7 is a recognized leader in cybersecurity that has proudly earned numerous industry accolades and strong recognition for our technology and culture. Learn more at www.rapid7.com.
Our Mission
By continuously improving our technology, stemming the creation of risk in the community, and making security more usable and accessible, Rapid7 enables technology professionals to gain the clarity, command, and confidence they need to safely drive innovation and protect against risk. Our product suite helps organizations to quickly predict, deter, detect, and remediate attacks and obstacles to productivity.
The Opportunity
What if security was an opportunity and not an obstacle? What if it wasn’t a clunky afterthought, or a cumbersome requirement preventing you from doing the things you really want to do? What if you could securely advance your business with clarity and confidence? We like the sound of that too.
Just like many of our customers, as Rapid7 continues to grow, so does our attack surface. That’s why we’re looking for an amazing leader to join us as our Director of Security Operations reporting to the Chief Security Officer. You’re the kind of person who wants to lead and support a high-functioning security operations team and evolve it into a world-class operation. You’ll level up our defensive security operations (including vulnerability management, threat detection, and incident response) in partnership with team leaders in those areas. On top of that, you’ll build a new offensive security operations program (including attack simulations against our company’s applications, infrastructure and more) to ensure we’re continuously tested and prepared to defend against attacks from threat actors. You’ll do all of this in collaboration with your partner teams across the company, both inside and outside InfoSec. Also, have you ever wondered what it's like to work on a security team at a security company? (Hint: it's kind of amazing.)
Are you looking for a new opportunity to channel your security, technology, and leadership expertise into supporting and developing a talented team of security practitioners? Do you believe security should empower people to do their work safely and productively, with guardrails and not gates? Are you a security optimist, recognizing that humans are the most important part of the solution rather than the weakest link in the chain? Do you find yourself daydreaming about new solutions to old problems?
If you’ve been answering “yes” to these questions, then you might be the person we’re looking for! Keep reading to learn more about this unique opportunity.
The Role
We are looking for someone who can lead our maturing SecOps organization and evolve it as an industry leader, providing an example of how we provide great experiences both for our internal stakeholders and external customers by identifying, managing and reducing risk to businesses’ most sensitive data. This person will have responsibility for:
Leading, supporting, and advocating for a highly motivated defensive security operations team, with disciplines in vulnerability risk management, threat detection, and incident response
Building a new offensive security operations team
Providing mentorship and career development opportunities for the team, enabling them to scale
Defining the long-term vision, strategy, and roadmap for our security operations group, prioritizing automation every step of the way
Building positive relationships with partner teams to continuously improve our strategies for protecting our customers and company
Partnering with our CSO on strategic direction of security operations to meet the needs of the business
Communicating complex topics in ways everyone can understand, from technical team contributors to C-level executives
Positively influencing the culture of security at Rapid7
Addressing escalation from principal staff and managers
Qualifications and Traits
5+ years leading, developing, and recruiting managers and technical teams, preferably in defensive and offensive capacities
9+ years of experience in InfoSec, preferably in penetration testing, red teaming, threat detection, incident response, and/or vulnerability management
A passionate people leader who can lead teams of teams and focuses on growing and developing talent
Comprehensive experience defining and/or building metrics to measure and improve the effectiveness of security controls
Ability to balance strategic vision for the future with the technical competence to lead the execution
Outstanding communication and cross-functional partnering skills
Comprehensive knowledge of Infrastructure-as-a-Service security concepts/best practices, especially AWS
Deep experience defining and/or building highly automated security processes, playbooks, controls, etc.
Deep experience of threat hunting & deception techniques
Deep knowledge of tactical, operational and strategic intelligence areas
Expert knowledge of network traffic analysis (Netflow, Full Packet Capture, DPI)
Expert knowledge of responding to computer incidents and computer misconduct investigations
Expert knowledge of adversaries tactics, techniques, and procedures (TTPs) and how they may impact the organization
Comprehensive understanding of cloud incident response processes
Comprehensive understanding of how to acquire and analyze digital forensic information
Working knowledge of software engineering principles applied to security practices (e.g. detection engineering, security as code, unit/regression/integration tests, security guardrails)
The ability to carefully balance staying the course with guiding your managers’ and teams’ plans when new information and priorities arise
Comprehensive knowledge of project ownership and excellent time and task management skills
Additional
Experience developing software tooling to solve custom problems
Experience using Rapid7 products (InsightVM, InsightIDR, InsightConnect, and/or Metasploit)
Experience using Agile principles and work management frameworks (e.g. Scrum) for security work
Preferred locations: Boston, MA; Arlington, VA; Belfast, UK; Austin, TX; Los Angeles, CA