Senior Security Engineer - Threat Detection & Response

3+ months ago - Boston, MA / Remote

At Rapid7, our security program not only secures our company's assets and people but also plays a part in securing our 9,000+ customers worldwide. As a company, Rapid7 believes in eliminating the gaps in security programs through visibility, analytics, and automation. Our goal is to deliver security solutions for the modern enterprise to address evolving threats. This mission feeds everything we do for our internal security programs.

We view security as an opportunity to create value instead of obstacles for our business by providing great, usable security that makes our internal and external customers' lives easier and more secure. Our core values guide us along the way and are essential factors in our success.

Do you love working in Information Security and want to tackle challenging problems with talented people that you can help develop and learn from? Do you believe that great security and usability can and should go hand-in-hand? Are you constantly thinking of ways to improve security processes, tools, or architectures? If so, you might be a great fit for this role!

What Rapid7 can do for you

We have a unique company culture that is rooted in these five core values:

  • Bring you - at Rapid7 we recognize that the best solutions come from smart people working together. We provide the space for you to bring your best ideas, your best work, but most importantly, your true self
  • Challenge convention - innovation doesn't come from regurgitating the same solutions. At Rapid7 we offer the opportunity to push the envelope and take educated risks together for the advancement of cybersecurity
  • Impact together - the problems we're working to solve not only require us to come together as a single herd of Moose, but to support and help each other get better every day. Rapid7's culture promotes coming together in achieving the impact the world needs
  • Be an advocate - challenging convention is more than innovative solutions, it's advocating together for a better tomorrow. Rapid7 offers the platform for our Moose to research, publish, speak, and move the industry forward
  • Never done - curiosity is the lifeblood of Rapid7. We offer our Moose the opportunity to grow skills and careers in pursuit of solutions

What you will do at Rapid7

This Senior Security Engineer role is part of our internal Security Operations team, which is part of our Information Security group in the Office of the CTO. In this role, you will:
  • Automate triage, analysis, response, and remediation tasks and processes with code, APIs, and SOAR tools
  • Conduct log analysis across a diverse ecosystem of technology (operating systems, internally-developed web apps, software-as-a-service apps, cloud infrastructure)
  • Conduct incident root cause analysis (RCA) and incident reviews
  • Lead organized hunts to find unknown security incidents, gaps in visibility, or areas for improvement in security controls
  • Develop and test incident response playbooks
  • Contribute to the creation and tuning of detection rules
  • Help us create a company full of security evangelists who partner with you to solve the greatest security challenges
  • Collaborate to prevent, detect, and respond to incidents in traditional and cloud-based infrastructure
  • Consult on security-impacting projects and advocate for threat detection & response needs
  • Participate in the security incident commander on-call rotation
  • Help us advance security in our own programs, for our customers, and for the security community at large
  • Conduct research to keep up to date on threat actors and new TTPs

What you will bring with you
  • A security engineering mindset with an abundance of curiosity
  • Experience automating threat detection and response activities using web APIs, SOAR tools, and coding/scripting languages (Python, Go)
  • Excellent interpersonal skills and ability to see things through the customer's eyes
  • Broad information security experience in disciplines such as detection engineering, threat hunting, digital forensics, and incident response
  • Experience monitoring and responding to security incidents involving traditional (Windows, Mac, Linux) and cloud-based infrastructure (AWS, GCP, and/or Azure)
  • Demonstrable analytical expertise, attention to detail, critical thinking, and adaptive learning
  • Solid understanding of cyber threats, adversary techniques, response procedures, enterprise architecture, as well as general threat detection methods
  • Experience in designing, implementing, and automating processes and tools to improve incident detection and response
  • Solid understanding and interest in recognized information security related standards and technologies (training, job experience and / or industry activities)
  • Capability to map technical findings to business impact and communicate with non-technical audiences
  • Working knowledge of core enterprise IT concepts (web application architectures, networking, hybrid cloud etc.)
  • Knowledge of industry recognized security and analysis frameworks (MITRE ATT&CK, Kill Chain, Diamond Model, NIST Incident Response, etc.)

  • Previous DFIR consulting experience
  • Experience with operating system internals, hardening approaches, web application security, and detection engineering
  • Experience with host-based and network-based forensic concepts / tools

Equal Opportunity Employer

Here at Rapid7, we fundamentally believe that every person deserves an equal opportunity to build an exceptional career! We embrace our similarities, celebrate our differences and strongly believe that EVERYONE has the right to be treated with respect and dignity. We have a ZERO tolerance policy for discrimination based on race, ethnicity, religion, gender, sexual orientation, gender identity, national origin, disability, veteran status, marital status, or any other status protected under federal, state, or local law. More importantly though, we just fundamentally believe it's the right way to build a business and healthy community. We pride ourselves on our unique culture and our commitment to diversity, equity, and inclusion--it is the stitch that holds the fabric of our culture together!

Job ID: rapid7-R2319