Jobs//Hybrid//Boston, MA//Cybersecurity + IT//

Lead Security Governance Analyst

Rapid7
| Hybrid
Sorry, this job was removed at 3:56 a.m. (CST) on Tuesday, February 15, 2022
View 7971 Jobs
Find out who's hiring in Boston, MA.
See all Cybersecurity + IT jobs in Boston, MA
View 7971 Jobs
Apply
By clicking Apply Now you agree to share your profile information with the hiring company.

At Rapid7, we’re on a mission to close the security achievement gap for our customers by simplifying the complex through shared visibility, analytics, and automation that unite teams around challenges and successes of cybersecurity. Our products and services empower over 9,100 customers across over 120 countries to seamlessly build security into the heart of their organizations. 

Our internal Trust & Security Governance team within our Information Security department plays a crucial role in supporting our mission. We ensure we meet our duty of care to our customers, employees, and shareholders by creating effective governance for upholding internal security policies, distributing foundational security expertise across every department to create a strong security culture, and bolstering customer and community trust by providing accessible and transparent information about our internal security program. This role partners closely with other InfoSec teams, Legal, the Request, for Proposal (RFP) team, People Development, and many other teams at Rapid7

We’re looking for a Lead Security Analyst to help advance our Trust & Security Governance programs, helping us evolve security policies, streamlining our customer security inquiry response program, and scaling our security training across the company.

Your profile

Are you looking for a new opportunity to apply your security expertise to rapidly mature company-wide security governance programs? Do you want to have a direct impact on customers’ understanding of your organization’s security program? Are you excited about the opportunity to create a company-wide security culture that sticks? Do you eagerly seek out and embrace feedback from perspectives different from your own? 

If you’ve been answering “yes” to these questions, then you might be the person we’re looking for! Keep reading below to learn more about this unique opportunity to drive impact on a security team at a security company. 

What you’ll do

  • Create and maintain Rapid7’s security policy framework, including roles and responsibilities, self-service templates, and policy lifecycle processes

  • Partner with Legal and RFP teams to curate FAQ content in our customer security inquiry knowledge base, keeping it accurate and up-to-date by working with subject matter expert teams across InfoSec, Engineering, IT, etc.

  • Provide security expertise to Legal teams in the contract-negotiation process to ensure that contract terms accurately reflect Rapid7's cyber security capabilities.

  • Coordinate and respond to customer security inquiries, due diligence questionnaires, and security-related contract modifications

  • Continuously mature Trust processes through automation, self-service functionality, and process streamlining to shorten our Sales cycle and our customers’ due diligence cycle

  • Maintain and evolve security whitepapers, security content in product help docs, and Rapid7’s Trust site to create an excellent experience for customers and the community when trying to gauge our security capabilities

  • Partner with other InfoSec teams and People Development to create quality security training content/experiences for employees so they know how to uphold their security responsibilities

  • Develop broad knowledge of the implementation of Rapid7’s security controls, policies, and processes across our products and corporate environments

  • Build positive relationships with partner teams in Marketing, Legal, Sales, Business Operations, People Development, and other teams to continuously improve our internal security culture and external awareness of Rapid7’s security program

  • Help create metrics to demonstrate the efficiency and effectiveness of our Trust program and to inform continuous program improvements

  • Systematically track and report on customer feedback about our security program to inform the business about where we need to improve security to satisfy customers’ needs

  • Report and communicate security issues and topics to technical and non-technical audiences, ranging from individual contributors to C-suite executives

What you’ll bring

  • Experience working in information security, including but not limited to Governance, Risk, and Compliance (GRC); security trust operations; and/or security audit

  • Experience creating effective security awareness training experiences for topics such as (but not limited to) phishing/social engineering, safe data handling, secure software development, etc.

  • Experience supporting security compliance programs or operations involving frameworks such as ISO 27001, NIST CSF, PCI DSS, FedRAMP, CSA STAR, SIG/SCA, SOC 2 Type II, etc.

  • Knowledge of modern security problems and solutions for endpoint security, network security, cloud security, application security, identity & access management, vulnerability management, threat detection, and/or incident response

  • Strong focus and desire to impact together with your direct and cross-functional teammates at Rapid7

  • Excellent time management and prioritization skills with a strong ability to plan, prioritize, and execute projects independently or in coordination with other teams

  • Excellent ability to communicate to technical and non-technical audiences with a positive, collaborative, and enablement-focused attitude

  • Insatiable curiosity and desire to challenge conventional approaches to solving problems

Pluses

  • Experience implementing and operating technical security controls/tools in the context of vulnerability management, incident response, cloud security, application security, etc.

Equal Opportunity Employer 

Here at Rapid7, we fundamentally believe that every person deserves an equal opportunity to build an exceptional career! We embrace our similarities, celebrate our differences and strongly believe that EVERYONE has the right to be treated with respect and dignity. We have a ZERO tolerance policy for discrimination based on race, ethnicity, religion, gender, sexual orientation, gender identity, national origin, disability, veteran status, marital status, or any other status protected under federal, state, or local law. More importantly though, we just fundamentally believe it’s the right way to build a business and healthy community. We pride ourselves on our unique culture and our commitment to diversity, equity, and inclusion--it is the stitch that holds the fabric of our culture together!

Read Full Job Description
Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.
By clicking Apply Now you agree to share your profile information with the hiring company.

Technology we use

  • Engineering
  • Product
  • Sales & Marketing
    • GolangLanguages
    • JavaLanguages
    • JavascriptLanguages
    • PythonLanguages
    • RLanguages
    • RubyLanguages
    • ScalaLanguages
    • SqlLanguages
    • jQueryLibraries
    • ReactLibraries
    • ReduxLibraries
    • DjangoFrameworks
    • ExpressFrameworks
    • FlaskFrameworks
    • HadoopFrameworks
    • Node.jsFrameworks
    • Ruby on RailsFrameworks
    • SparkFrameworks
    • SpringFrameworks
    • TensorFlowFrameworks
    • CassandraDatabases
    • MongoDBDatabases
    • MySQLDatabases
    • PostgreSQLDatabases
    • RedisDatabases
    • Google AnalyticsAnalytics
    • OptimizelyAnalytics
    • IllustratorDesign
    • InVisionDesign
    • PhotoshopDesign
    • SketchDesign
    • AsanaManagement
    • ConfluenceManagement
    • JIRAManagement
    • WordpressCMS
    • SalesforceCRM

An Insider's view of Rapid7

What does your typical day look like?

For the majority of the day it’s a mix of weekly check-ins with various teams, project updates, and the occasional brainstorm.

When I’m not in meetings I’ve got headphones in while planning, writing, or designing — at my desk or perched somewhere around the office.

Grace

Senior Brand Storyteller

What are Rapid7 Perks + Benefits

Culture
Volunteer in local community
Once a year, Rapid7 offices across the globe close for the day so employees can volunteer.
Partners with nonprofits
Open door policy
OKR operational model
Team based strategic planning
Open office floor plan
Flexible work schedule
Remote work program
Our remote work program includes full-time remote for specific positions, Work remotely on occasion as needed.
Diversity
Dedicated diversity and inclusion staff
Highly diverse management team
Rapid7 is led by a diverse management team that represent the security community we serve. We believe that we all have a responsibility to continuously improve our DE&I efforts.
Mandated unconscious bias training
We believe in continuous learning, our in-house trainers conduct consistent diversity trainings. We advocate for diverse thinking and strive to cultivate a workforce that mirrors the best minds.
Diversity manifesto
Diversity employee resource groups
We have so many amazing and organically created employee resource groups! These internal Rapid7 communities allow for an authentic experience where diverse employees and allies can come together.
Hiring practices that promote diversity
We've taken the Parity Pledge, we reinforce strategic recruitment, we are committed to diversity partnerships, and we understand the importance in training around unconscious bias.
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability insurance
Dental insurance
Vision insurance
Health insurance
Life insurance
Wellness programs
Mental health benefits
Financial & Retirement
401(K)
401(K) matching
Company equity
Employee stock purchase plan
Performance bonus
Child Care & Parental Leave Benefits
Childcare benefits
Membership with Care.com for backup childcare services. Dependent care Flexible Spending Account to set aside pre-tax dollars for childcare expenses.
Generous parental leave
Family medical leave
Vacation & Time Off Benefits
Unlimited vacation policy
Paid volunteer time
Our employees receive unlimited hours per year of paid volunteer time.
Paid holidays
Paid sick days
Employees receive unlimited hours per year of paid sick leave.
Office Perks
Commuter benefits
Company-sponsored outings
Free snacks and drinks
Rapid7 has a fully stocked kitchen including unlimited snacks, coffee, tea and all of the flavored sparkling water you can handle.
Some meals provided
Employees get free lunch during quarterly in-office Town Halls and some team meetings.
Company-sponsored happy hours
Onsite office parking
Fitness stipend
Onsite gym
Professional Development Benefits
Job training & conferences
Lunch and learns
Promote from within
Continuing education available during work hours
Online course subscriptions available
Paid industry certifications
View full list of perks + benefits

More Jobs at Rapid7

Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.
By clicking Apply Now you agree to share your profile information with the hiring company.
Learn more about Rapid7Find similar jobs like this