As a Manager of Threat Intelligence & Detection Engineering, your primary responsibility will be to lead a group of talented, driven, and creative Detection Engineers. The team is responsible for the upkeep and advancement of the detection library for Rapid7’s MDR service.

About the Team

Rapid7’s Threat Intelligence & Detection Engineering (TIDE) team provides our managed SOC with high-fidelity and actionable threat detections and alerting. This limits threat actors' dwell time and impact across our customers' ecosystems. The TIDE team uses purposeful research, threat intelligence curation, observed malicious behavior, and informed collaboration to ensure that our detection and response capabilities evolve with the ever-changing threat and technological landscape. 

About the Role

As a Manager of Threat Intelligence & Detection Engineering, your primary responsibility will be to lead a group of talented, driven, and creative Detection Engineers responsible for the up-keep and advancement of the detection library for Rapid7’s MDR service. Our team’s mission is to empower excellence in our customer’s security posture by continuously refining the Rapid7 MDR service's detection and response capabilities. This enhances their effectiveness to swiftly identify incidents while reducing analyst strain. We will collaborate closely with the SOC, Engineering, and Data Science teams to identify patterns of activity to improve detections, assist with the creation of new data models, and constantly update the collective understanding of threats. 

Specifically, your focus will be to: 

• Provide a strong team vision, guidance, goals, and assistance to a high performing team of detection engineers.

• Contribute to strategic planning focused on driving forward detection and response capabilities of Rapid7’s MDR service while maintaining operational stability.

• Collaborate closely with internal teams to facilitate positive outcomes for internal and external customers.

• Promote healthy, positive work habits and environments to reduce fatigue and encourage a sustainable work-life balance.

• Develop and socialize a deep understanding of internal and external customer personas in order to improve the efficiency and efficacy of our SOC.

• Oversee and guide team projects ensuring that they deliver the expected outcomes on time, while allowing your team to grow in autonomy and mastery of their craft.

• Create streamlined processes/workflows to help improve the reliability and efficacy of our tools, and reduce noise.

• Explore new opportunities for improving SOC analyst experience through automation, machine learning, and artificial intelligence.

• Directly and indirectly interact with customers and prospects as needed.

• Communicate and celebrate the successes of your team and the new capabilities they create.

• Create, track and iterate on metrics that measure the efficacy of our detection and response program.

The skills and qualities you’ll bring include:

• 2+ years of professional management or team lead experience, performing 1:1’s, coaching and mentoring teams (preferably in SOC/CIRT environments).

• 4+ years of SOC and/or IR experience.

• Experience with common cybersecurity tools and techniques and up-to-date knowledge of attacker techniques, tools, and procedures.

• A fundamental understanding of how threat actors utilize tactics such as lateral movement, privilege escalation, defense evasion, persistence, command and control, and exfiltration.

• Expertise in tools and techniques for analyzing large sets of data.

• Effective collaboration within the SOC and between departments.

• Extremely strong written and verbal skills.

We know that the best ideas and solutions come from multi-dimensional teams. That’s because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don’t be shy - apply today.
 

About Rapid7

At Rapid7, our vision is to create a secure digital world for our customers, our industry, and our communities. We do this by harnessing our collective expertise and passion to challenge what’s possible and drive extraordinary impact. We’re building a dynamic and collaborative workplace where new ideas are welcome. 

Protecting 11,000+ customers against bad actors and threats means we’re continuing to push the envelope - just like we’ve been doing for the past 20 years. If you’re ready to solve some of the toughest challenges in cybersecurity, we’re ready to help you take command of your career. Join us.

#LI-BD1 #LI-Remote

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or any other status protected by applicable national, federal, state or local law.