Lead Threat Intelligence Expert 

Rapid7 is looking for an exceptional Lead Threat Intelligence Expert to join our Threat Intelligence research group and take our capabilities to the next level.

You will be a leader in innovating and developing our research group's cyber intelligence OSINT, HUMINT threat intelligence, and malicious infrastructure capabilities.

In this role, you will:

• Required an independent, thorough and diverse individual capable of creating accurate and complete intelligence outputs while also being “customer first” in the highest industry standards.

• Work with customers to understand the needs in the world of cyber threat intelligence to develop new capabilities such as:

• Attack surface analyses.

• Vulnerability discovery and assessment.

• Identifying valuable Cyber Threat Intelligence sources from the Clear, Deep, and Dark web. 

• Detection of malicious infrastructure.

• Educate and empower our customers, providing additional context on various threats and advising on best practices.

• Develop and train capabilities for the research team on techniques to uncover further information.

• Be a leading source of knowledge and expertise for the Cyber Threat Intelligence services group.

• Lead the research teams to analyze ongoing attacks such as phishing, DDoS, data leakage, ransomware, and more, to assess their origin, purpose, and impact on our customers.

• Track down and engage with threat actors across the clear, deep, and dark web to gain further insights and intelligence which is otherwise not accessible.

The skills you'll bring include:

This role will require excellent investigation abilities, familiarity with various dark web communities and ecosystems, advanced cybersecurity fundamentals and underlying concepts, and technical expertise.

• 5+ years of experience in the cybersecurity industry in a research role.

• Deep understanding of using technical tools for OSINT research and the challenges of research over different platforms

• Experience in cyber intelligence or equivalent role with advanced familiarity with cybercrime communities and OSINT sources and tools.

• Independent researcher and natural leader with the ability to lead ongoing efforts to build capabilities and new reports.

• Knowledge of common attacker techniques and tools.

• Prior operational experience leveraging threat intelligence to detect and respond to adversaries.

• Experience in investigating threats, utilizing OSINT, PII, HUMINT, and other research techniques to uncover threat actors and their TTP.

• Familiarity with known cybercrime groups, APTs, and their targeted sectors.

• Experience in a customer-oriented role and able to grasp, synthesize and summarize complex concepts clearly and engagingly.

• Technical know-how in extracting threat data (IPs, domains, ports, malware, and malicious communications) from multiple sources.

• Business understanding and familiarity with corporate security solutions.

• Presentation ability in front of customers.

Nice to have:

• Ability to write scripts and optimize processes skill in python/bash

• Foreign language proficiency, Chinese or Japanese, preferred.

• Previous experience working on security products.

About Rapid7

Rapid7 (NASDAQ: RPD) helps organizations across the globe protect what matters most so innovation can thrive in an increasingly connected world. Our comprehensive technology, services, and community-focused research simplify the complex for security teams, helping them reduce vulnerabilities, monitor for malicious behavior, be in 10 places at once, and shut down attacks. We're on a mission to make security solutions easier to use and access so we can bring safety and resilience to more people.

With more than 10,000 customers across 140+ countries, Rapid7 is a leader in cybersecurity that has earned numerous industry accolades and recognition for our technology and culture.