At Rapid7, our mission is to create a secure digital world. While we are recognized globally for our industry-leading security solutions, our internal Information Security and Trust, Risk, & Compliance (TRC) teams are the architects of that mission from within. We do not simply advocate for best-in-class security; we build the frameworks that define it.
The landscape of Governance, Risk, and Compliance is undergoing a fundamental shift. At Rapid7, we are moving beyond traditional "check-the-box" compliance toward a modern, engineering-led function that serves as a strategic driver for the enterprise.
A New Mandate: From Process to Systems Engineering
The traditional view of TRC often involves maintaining static processes and manual oversight. At Rapid7, we are redefining this paradigm. We believe that for security to scale at the pace of modern innovation, it must be integrated, automated, and engineered—not just managed.
Our TRC function is transitioning into a force multiplier. By leveraging AI, advanced automation, and sophisticated tooling, we are building a global ecosystem that prioritizes:
- Continuous assurance: Transitioning from point-in-time audits to real-time, data-driven visibility.
- Operational excellence: Reducing complexity to increase organizational clarity and confidence.
- Business enablement: Designing security frameworks that accelerate growth rather than hindering it.
The TRC-as-Code Philosophy
This evolution represents the core of our "TRC-as-Code" philosophy. We are seeking technical leaders across our Infosec pillars who view compliance and risk as engineering challenges. We are not looking for practitioners to merely "run the process"—we are looking for architects to develop scalable TRC products to support rapid iteration.
Core Focus Areas Across our Teams:
- Scalable architecture: Designing and implementing global frameworks that scale alongside Rapid7’s rapid growth.
- Technical leadership: Acting as subject matter experts to resolve ambiguity and translate complex regulatory requirements into technical solutions.
- Automation-first mindset: Utilizing smart tooling and AI to eliminate manual toil and build a robust, self-sustaining security ecosystem.
Why Join the Rapid7 Security Team?
Working on the security team at a cybersecurity company offers a unique vantage point. You are protecting the protectors. At Rapid7, you are part of a culture that values innovation, collaboration, and measurable impact.
- Engineering-led culture: We value technical proficiency and the desire to build systems that last. You will have the autonomy to shape the direction of our security posture.
- Global collaboration: From our centers of excellence in Europe to our headquarters in Boston and beyond, you will partner with world-class engineers to solve the industry’s most pressing challenges.
- The "First Customer" advantage: You have the opportunity to influence and secure the very environment that produces the tools used by thousands of security teams worldwide.
Join the Mission
We are looking for bold thinkers who are ready to raise the bar and own their impact. If you thrive in resolving ambiguity and want to turn risk management into a strategic business advantage, we invite you to explore the opportunities within our growing team.