We are looking for a Senior Security Researcher to join our global Threat Intelligence & Research team. This senior-level position is ideal for someone with deep technical expertise, a passion for understanding adversaries, and the drive to transform cutting-edge research into actionable security outcomes. You will lead advanced malware and threat actor research, design and publish detection logic, and contribute to strategic threat intelligence that powers our products and protects our customers.

As a Senior Security Researcher, you’ll shape research direction, mentor junior analysts, and collaborate cross-functionally with product teams, detection engineers, and intelligence analysts. Your work will directly influence how Rapid7 and our customers defend against the most sophisticated adversaries.

This is a unique opportunity to be at the forefront of global cyber threat research—where your expertise will have an immediate and lasting impact.

About The Team

The Threat Intelligence & Research team at Rapid7 is dedicated to identifying, analyzing, and mitigating advanced threats across the global cyber landscape. We combine in-depth malware and vulnerability research with scalable analytics to deliver world-class intelligence. Our outputs fuel Rapid7’s products and services, enabling customers to detect, prevent, and respond to cyberattacks with confidence.

By working with this team, you’ll join a group of highly skilled researchers and engineers who thrive on curiosity, technical rigor, and collaboration.

Your Main Focus Will Be

• Lead research on advanced malware families, exploitation techniques, and adversary tradecraft.

• Reverse engineer malicious code and develop detection signatures (YARA, Suricata, Sigma).

• Conduct threat actor analysis and improve pro-active hunting logic on groups.

• Translate raw technical findings into high-impact intelligence products, advisories, and customer-facing reports.

• Mentor and guide junior analysts, sharing expertise in malware, exploitation, and adversary TTPs.

• Drive hunting activities using internal telemetry and global intelligence sources.

• Correlate adversary activity to MITRE ATT&CK and MITRE D3FEND frameworks.

• Collaborate with product, engineering, and MDR/IDR teams to operationalize research outputs.

• Represent Rapid7 at conferences, community projects, and in industry publications.

The Skills You Will Bring Include

• Proven expertise in reverse engineering (e.g., IDA Pro, Ghidra, Radare2) and advanced malware analysis.

• Demonstrated ability to create high-quality detection logic (YARA, Suricata, Sigma).

• Proficiency in at least one scripting or programming language (Python, Go, C/C++).

• Familiarity with large-scale data analysis, telemetry enrichment, and API-driven workflows.

• Ability to produce and present clear, actionable research to both technical and executive audiences.

• Experience collaborating with cross-functional security and product teams.

• Prior contributions to threat intelligence, open-source research, or community projects is a strong plus.

• Comfortable mentoring and supporting junior researchers in technical and analytical growth.

• Embracing change and challenging the status quo to pursue impact

• Passion about developing your craft to elevate your impact

• ​Ability to hold yourself responsible for driving outcomes and commitments

• Strong communication skills - communication in clear manner that conveys the objectives

We know that the best ideas and solutions come from multi-dimensional teams. That’s because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don’t be shy - apply today.

About Rapid7

At Rapid7, our vision is to create a secure digital world for our customers, our industry, and our communities. We do this by harnessing our collective expertise and passion to challenge what’s possible and drive extraordinary impact. We’re building a dynamic and collaborative workplace where new ideas are welcome. 

Protecting 11,000+ customers against bad actors and threats means we’re continuing to push the envelope - just like we’ve been doing for the past 20 years. If you’re ready to solve some of the toughest challenges in cybersecurity, we’re ready to help you take command of your career. Join us. 

#LI-SIM