Rapid7 seeks a highly skilled, motivated and experienced Director of Information Security Programs & Transformation to join our Information Security Team.  This senior leader will be able to design and build an information security program structure: people, process and technology that will enable scaling our program.   The ideal candidate will engage and collaborate with cross-functional Rapid7 business leadership to drive the success of our programs, and be a player coach to their security program team.  This leader will be a key member of the Information Security leadership Team overseeing a Global Program Management Team. Rapid7 continues to experience significant growth, and this leader will help evolve the ongoing operations and development of our global team. 

About the Team

The Information Security Team is at the forefront of protecting Rapid7’s 11,000 customers, ensuring regulatory compliance, and enhancing Rapid7 security products. We lead with transparency and data-driven decision making, manage the effective delivery of business outcomes, and contribute to continuous program maturation through standardization and iterative improvement.

About the Role

As Director of our Information Security Programs & Transformation  your primary responsibility will be to leverage your robust "tool box" of  Security, Compliance and Program Management knowledge and strategies to build repeatable processes, ensure accountability across InfoSec and partner teams, and show us how to measure success. With experience navigating new environments, you will be looking to assess and improve our existing program and build out a program/project management team within Information Security as we scale.

Specifically, your focus will be to: 

• Significantly mature our Information Security program management and project management processes and tools to more effectively deliver security value for our company and customers.

• Design and implement information security technology and workflow capabilities:  to structure project and operational activities  from both internal and external sources (customers, regulators, auditors).  Activities could include, but are not limited to:  Secure Development, Control Operation, Risk Remediation, Vulnerability Management, Third Party Risk, Customer Requests, Security Incident After Action, Threat Hunts. 

• Integrate project and operational activities into a program structure that allows for cross functional ownership.

• Own the delivery of an information security metrics program for consumption by Rapid7 Leadership, Board of Directors, Customers, Auditors, and Regulators.

• Develop and maintain Information Security’s project roadmap with our CSO and InfoSec leadership team. 

• Present Information Security Metrics and Roadmap status to executive leadership during Quarterly Business Reviews (QBRs).

• Cross functional coordination in the use of Rapid7 security technology and security to protect Rapid7.

• Coordinate with project leads to ensure projects are prioritized and stay on track by helping identify/remove blockers.

• Work with different product and engineering teams at Rapid7 on the security partnership framework and their security champions/engineers.

• Collaboration with IT leadership regarding Mobile, Network, and Identity and Access Management projects.

• Partner with our Security Risk Management Lead and multi-functional risk owners to ensure risk owners’ remediation plans stay on track or are course-corrected in a timely fashion.

• Assist in establishing and circulating InfoSec’s annual goals and capabilities ensuring InfoSec’s roadmap fully supports them and that they align with and uphold department/company-level goals.

The skills and qualities you’ll bring include:

Role-Specific Skills

• 5+ years of experience in a leadership role

• 10+ years of experience in an information security focused role is preferred

• Experience leading security and compliance programs

• Experience building and leading PMO organizations

• Working knowledge of project management methodologies and demonstrated understanding of the SDLC.

• Fluency with a standard suite of project management tools, particularly JIRA & Confluence.

• BS in Analytics, Statistics, Informatics, Information Systems, Computer Science or another quantitative field or equivalent experience

Critical Core Skills & Behaviors 

• Strong work ethic, grit, desire to learn, organizational skills and self-motivation

• Exceptional communication skills and experience with facilitating cross-functional collaboration and developing partnerships across functional areas.

• Agile mindset and iterative approach to developing deliverables

• Sharp business and interpersonal skills; Should be able to effectively communicate status and escalate blockers

• Core Value Embodiment: Embody our core values to foster a culture of excellence that drives meaningful impact and collective success. 

We know that the best ideas and solutions come from multi-dimensional teams. That’s because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don’t be shy - apply today.
 

About Rapid7

At Rapid7, our vision is to create a secure digital world for our customers, our industry, and our communities. We do this by harnessing our collective expertise and passion to challenge what’s possible and drive extraordinary impact. We’re building a dynamic and collaborative workplace where new ideas are welcome. 

Protecting 11,000+ customers against bad actors and threats means we’re continuing to push the envelope - just like we’ve been doing for the past 20 years. If you’re ready to solve some of the toughest challenges in cybersecurity, we’re ready to help you take command of your career. Join us.

#LI-WP1

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or any other status protected by applicable national, federal, state or local law.