Senior Threat Intelligence Analyst & Detection Engineer
Rapid7 (Nasdaq: RPD) is advancing security with visibility, analytics, and automation delivered through our Insight cloud. Our solutions simplify the complex, allowing security teams to work more effectively with IT and development to reduce vulnerabilities, monitor for malicious behavior, investigate and shut down attacks, and automate routine tasks. Over 9,300 customers rely on Rapid7 technology, services, and research to improve security outcomes and securely advance their organization. For more information, visit our website, check out our blog, or follow us on LinkedIn.
Do you enjoy information security research and threat intelligence? Do you have experience tracking nation state and cyber criminal threat actors? Would you like the opportunity to research and report on the latest threats and techniques used by attackers?
Rapid7 Managed Detection and Response operate around-the-clock to identify vulnerabilities, detect breaches, respond and investigate attacker activity, and help our customers improve their ability to deal with threats.
We are looking for a Threat Intelligence Lead to research and help to power Rapid7’s detection and response products and services.
This position is on our Threat Intelligence and Detection Engineering (TIDE) team and is located in our flagship SOC in Arlington, Virginia. The TIDE team is responsible for threat intelligence, detection engineering and malware analysis at Rapid7. Our mission is to curate threat intelligence and maintain visibility in order to create alerting worthy of human review through applied research and observation of malicious actor behavior. Our vision is to know when, by whom and why. We work across the incident lifecycle to build detections and identify patterns of activities to better understand an adversary’s actions, expedite response, and constantly update the collective understanding of threats. In addition to leveraging this knowledge to arm our analysts and incident responders, we also provide actionable threat intelligence to Rapid7 customers in the form of security advisories and quarterly threat reports.
Responsibilities:
Self guided research to track threat actors of importance for Rapid7 products and services.
Write publications on the latest observed attacker techniques.
Continuously curate additional information for our threat intelligence management platform.
Track indicators of compromise along the intelligence lifecycle, identifying when they need to be updated or retired.
Devise new methods of analysis and application of threat intelligence for alerting purposes.
Be an escalation point for more senior team members and Rapid7 internal customers.
Requirements:
5+ years of cyber threat intelligence
Prior experience with graphical link analysis tools (Maltego, Analyst Notebook, Palantir)
Prior experience with threat indicator management platforms (ThreatQ, Anomali, RecordedFuture)
Prior experience with Endpoint Detection & Response (EDR) .
Expert knowledge of common operating systems, services, networking protocols, logging, attacker techniques and tools.
Prior operational experience leveraging threat intelligence to detect and respond to adversaries.
A strong understanding of the current threat landscape including the latest tactics, tools, and procedures, common malware variants, and effective techniques for detecting this malicious activity.
Extremely strong written and verbal skills.
Differentiators:
Prior MSSP experience.
Publications and conference speaking engagements.
Maltego experience
ThreatQ experience
Equal Opportunity Employer
Here at Rapid7, we fundamentally believe that every person deserves an equal opportunity to build an exceptional career! We embrace our similarities, celebrate our differences and firmly believe that EVERYONE has the right to be treated with respect and dignity. We have a ZERO tolerance policy for discrimination based on race, ethnicity, religion, gender, sexual orientation, gender identity, national origin, disability, veteran status, marital status, or any other status protected under federal, state, or local law. More importantly though, we just fundamentally believe it’s the right way to build a business and healthy community. We pride ourselves on our unique culture and our commitment to diversity, equity, and inclusion--it is the stitch that holds the fabric of our culture together!