Technical Lead Detection Engineer

Hybrid
Sorry, this job was removed at 7:03 a.m. (CST) on Monday, November 8, 2021

Detection Engineer

Do you enjoy information security research and threat intelligence? Do you have experience developing detections? Would you like the opportunity to research the latest threats and techniques used by attackers? 

Rapid7 Managed Detection and Response operates around the clock to identify vulnerabilities, detect breaches, respond to and investigate attacker activity, and help our customers improve their ability to deal with threats. 

We are looking for a Senior Security Researcher to research and develop detections set to power Rapid7’s detection and response products and services. 

This position is on our Threat Intelligence and Detection Engineering (TIDE) team and is located in our flagship SOC in Arlington, Virginia. The TIDE team is responsible for threat intelligence, detection engineering and malware analysis at Rapid7. Our mission is to curate threat intelligence and maintain visibility in order to create alerting worthy of human review through applied research and observation of malicious actor behavior. Our vision is to know when, by whom and why. We work across the incident lifecycle to build detections and identify patterns of activities to better understand an adversary’s actions, expedite response, and constantly update the collective understanding of threats. In addition to leveraging this knowledge to arm our analysts and incident responders, we also provide actionable threat intelligence to Rapid7 customers in the form of security advisories and quarterly threat reports. 

 

Responsibilities:

  • Research to develop detections for Rapid7 products and services.

  • Write advanced and multistage detections for various systems.

  • Create tools using scripting (Python) and various web services (REST APIs).

  • Track detections along the intelligence lifecycle, identifying when they need to be updated or retired.

  • Be an escalation point for junior TIDE team members and Rapid7 internal customers.

 

Requirements:

  • 5+ years of threat intelligence, detection writing or malware analysis (creating/tuning network IDS signatures, analyzing netflow/firewall traffic, building SIEM alerting rules).

  • Prior experience with Endpoint Detection & Response (EDR).

  • Expert knowledge of common operating systems, services, networking protocols, logging, attacker techniques and tools.

  • Expert knowledge of what visibility exists and how best to alert on attacker activity.

  • Prior operational experience leveraging threat intelligence to detect and respond to adversaries.

  • A strong understanding of the current threat landscape including the latest tactics, tools, and procedures, common malware variants, and effective techniques for detecting this malicious activity.

  • Malware analysis and reverse engineering (sandboxing and disassemblers like IDA Pro)

  • Strong written and verbal skills.

 

Differentiators:

  • Prior MSSP experience.

  • Scripting/development experience (Python).

  • Detection writing (Snort/Suricata, YARA, Cuckoo, etc.)


Technology we use

  • Languages: Golang, Java, JavaScript, Python, R, Ruby, Scala, SQL
  • Libraries: jQuery, React, Redux
  • Frameworks: Django, Express, Flask, Hadoop, Node.js, Ruby on Rails, Spark, Spring, TensorFlow
  • Databases: Cassandra, MongoDB, MySQL, PostgreSQL, Redis
  • Analytics: Google Analytics, Optimizely
  • Design: Illustrator, InVision, Photoshop, Sketch
  • Management: Asana, Confluence, JIRA
  • CMS: WordPress
  • CRM: Salesforce

An Insider's view of Rapid7

What does your typical day look like?

For the majority of the day it’s a mix of weekly check-ins with various teams, project updates, and the occasional brainstorm.

When I’m not in meetings I’ve got headphones in while planning, writing, or designing — at my desk or perched somewhere around the office.

Grace

Senior Brand Storyteller

What are Rapid7 Perks + Benefits

Culture
Volunteer in local community
Once a year, Rapid7 offices across the globe close for the day so employees can volunteer.
Partners with nonprofits
Open door policy
OKR operational model
Team based strategic planning
Open office floor plan
Flexible work schedule
Remote work program
Our remote work program includes full-time remote for specific positions and working remotely on occasion as needed.
Diversity
Dedicated diversity and inclusion staff
Highly diverse management team
Rapid7 is led by a diverse management team that represents the security community we serve. We believe that we all have a responsibility to continuously improve our DE&I efforts.
Mandated unconscious bias training
We believe in continuous learning; our in-house trainers conduct consistent diversity trainings. We advocate for diverse thinking and strive to cultivate a workforce that mirrors the best minds.
Diversity manifesto
Diversity employee resource groups
We have so many amazing and organically created employee resource groups! These internal Rapid7 communities allow for an authentic experience where diverse employees and allies can come together.
Hiring practices that promote diversity
We've taken the Parity Pledge, we reinforce strategic recruitment, we are committed to diversity partnerships, and we understand the importance of training around unconscious bias.
Health Insurance + Wellness
Flexible Spending Account (FSA)
Disability insurance
Dental insurance
Vision insurance
Health insurance
Life insurance
Wellness programs
Mental health benefits
Financial & Retirement
401(K)
401(K) matching
Company equity
Employee stock purchase plan
Performance bonus
Child Care & Parental Leave
Childcare benefits
Membership with Care.com for backup childcare services. Dependent care Flexible Spending Account to set aside pre-tax dollars for childcare expenses.
Generous parental leave
Family medical leave
Vacation + Time Off
Unlimited vacation policy
Paid volunteer time
Our employees receive unlimited hours per year of paid volunteer time.
Paid holidays
Paid sick days
Employees receive unlimited hours per year of paid sick leave.
Office Perks
Commuter benefits
Company-sponsored outings
Free snacks and drinks
Rapid7 has a fully stocked kitchen including unlimited snacks, coffee, tea and all of the flavored sparkling water you can handle.
Some meals provided
Employees get free lunch during quarterly in-office Town Halls and some team meetings.
Company-sponsored happy hours
Onsite office parking
Fitness stipend
Onsite gym
Professional Development
Job training & conferences
Lunch and learns
Promote from within
Continuing education available during work hours
Online course subscriptions available
Paid industry certifications
