Director, Threat Intelligence & Detection Engineering

About the Team

This position is in our Managed Detection and Response (MDR) service, guiding the formation and execution of the company’s detection strategy and overseeing the direction of Threat Intelligence and Detection Engineering (TIDE) team, including our Threat Hunting program.

The mission of this function is to deliver world class detection engineering, threat hunting, and malware analysis to Rapid7 customers and partners across the globe.

Our detection engineering professionals curate threat intelligence to create detections resulting in alerts worthy of human review through applied research, observation of malicious actor behavior, and emerging threats.

Our vision is to know when, by whom and why. We work across the incident lifecycle to build detections and identify patterns of activities to better understand an adversary’s actions, expedite response, and constantly update the collective understanding of threats.

We leverage this knowledge to arm security practitioners with the actionable intelligence they need to defend their organizations.

About the Role

Are you passionate about changing the game in security? How about leading the charge against adversaries across a dynamic target base?

As the leader of Rapid7's detection engineering, you will oversee a team of extremely talented, driven, and creative front line practitioners, and you will drive our detection strategy, having an ownership role in our future direction in this critical capability.

In this role, you will :

Oversee the direction of our TIDE function, including our malware analysts and detection engineers.

Lead the formulation and evolution of Rapid7’s detection and threat hunting strategy.

Collaborate closely with our global MDR Operations, Product, Engineering, PMO, and Customer Advisor teams to facilitate positive outcomes for internal and external customers.

Serve as a technical and managerial escalation point for complex challenges.

Promote healthy, positive work habits and environments to reduce fatigue and encourage a sustainable work-life balance.

Drive innovation for our products and services to streamline processes, improve reliability and efficacy of our tools, and reduce noise.

Be an escalation point for more senior team members and Rapid7 customers.

The skills you’ll bring include :

10+ years of cyber security experience (preferably focused on detection, malware analysis, incident response, and / or threat intelligence)

5+ years of experience leading security practitioners and detection functions

Prior experience with graphical link analysis tools (Maltego, Analyst Notebook, Palantir)

Prior experience with threat indicator management platforms (ThreatQ, Anomali, RecordedFuture)

Advanced knowledge of common operating systems, services, networking protocols, logging, attacker techniques and tools

Prior operational experience leveraging threat intelligence to detect and respond to adversaries

Expertise in tools and techniques for analyzing large sets of data

Extremely strong written and verbal skills

A plus if you have :

Scripting, software development, engineering, and / or devops experience

Prior MDR and / or MSSP experience

Publications and conference speaking engagements

Maltego experience

ThreatQ experience

We know that the best ideas and solutions come from multi-dimensional teams. That’s because these teams reflect a variety of backgrounds and professional experiences.

If you are excited about this role and feel your experience can make an impact, please don’t be shy - apply today.