Director, Incident Response

Rapid7 is seeking a Director of Incident Response to lead and scale our client-facing IR function. This pivotal role demands a strategic leader capable of driving service portfolio expansion and influencing product innovation in a high-growth environment. If you're a seasoned professional ready to make a significant impact on global cybersecurity, we invite you to explore this opportunity.

About the Team

Rapid7's Incident Response (IR) team is the frontline for Managed Detection and Response (MDR) customers, acting swiftly to contain cyber threats, limit damage, and restore stability. Our mission is to respond rapidly, minimizing impact and guiding customers through high-stakes situations.

Beyond crisis intervention, we proactively help organizations prepare for future threats through offerings like compromise assessments and detection and response readiness. We also provide urgent incident support to non-MDR customers. At Rapid7, incident response is a human-centric function, focused on helping customers recover stronger and build lasting resilience.

About the Role

As the Director, Incident Response your primary responsibility will be to lead and mature our global client-facing Incident Response function. Specifically, your focus will be to: 

• Lead and scale our global IR practice, delivering fast, expert-driven response and readiness services that exceed expectations.

• Develop high-performing teams, growing people managers, mentoring IR talent, and fostering a strong, resilient culture.

• Drive revenue growth by owning off-the-street IR service delivery and partnering with Sales to qualify and close opportunities.

• Own capacity management, working with Finance to forecast demand, model delivery, and allocate resources across internal and partner teams.

• Operationalize partnerships, expanding global IR delivery through vetted partners while maintaining quality and consistency.

• Collaborate cross-functionally with Sales, Finance, and Customer Success to set revenue targets, define pricing, and support retention.

• Advance readiness offerings, ensuring proactive services—like compromise assessments and detection readiness—are seamlessly integrated and outcome-driven.

• Champion operational excellence, using automation, tooling, and repeatable processes to improve speed, consistency, and analyst experience.

• Influence product and GTM strategy, aligning with Product and GTM leaders on trends, customer needs, and new service opportunities.

The skills and qualities you’ll bring include:

Role-Specific Skills

• 10+ years in cybersecurity, with 5+ years in incident response leadership roles, ideally within a high-tempo, customer-facing consulting or MSSP environment.

• Deep understanding of the IR lifecycle—from investigation and containment to communication and recovery—and the ability to translate technical efforts into business value.

• Experience building and managing partnerships to scale service delivery while ensuring consistency and customer satisfaction.

• Demonstrated experience owning P&L or revenue targets, pricing strategy, and delivery planning for cybersecurity services.

• A track record of using data to drive decision-making, improve forecasting accuracy, and guide team performance and investment.

• A passion for customer impact, operational clarity, and building resilient, scalable services.

Critical Core Skills & Behaviors 

• Excellent communication and stakeholder management skills—equally comfortable advising customers, mentoring analysts, or aligning with senior leadership.

• Demonstrates comfort with ambiguity, adeptness at bringing order to complex situations, and a strong bias for action.

• Strong cross-functional leadership skills and experience collaborating with Sales, Finance, and PMO functions to drive both delivery and growth.

• Impact Together: Strategically lead cross-functional alignment, leveraging collective expertise to deliver superior incident response outcomes.

• Never Done: Drive continuous evolution of our IR capabilities, demonstrating an insatiable curiosity for innovation within the dynamic threat landscape.

• Be an Advocate: Champion customer success and organizational integrity, decisively advocating for optimal outcomes during high-stakes incidents.

We know that the best ideas and solutions come from multi-dimensional teams. That’s because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don’t be shy - apply today.

About Rapid7

At Rapid7, our vision is to create a secure digital world for our customers, our industry, and our communities. We do this by harnessing our collective expertise and passion to challenge what’s possible and drive extraordinary impact. We’re building a dynamic and collaborative workplace where new ideas are welcome. 

Protecting 11,000+ customers against bad actors and threats means we’re continuing to push the envelope - just like we’ve been doing for the past 20 years. If you’re ready to solve some of the toughest challenges in cybersecurity, we’re ready to help you take command of your career. Join us. 

#LI-JM2

#LI-Remote

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or any other status protected by applicable national, federal, state or local law.