Senior Threat Intelligence & Detection Engineer
Senior Threat Intelligence & Detection Engineer
Do you enjoy information security research and threat intelligence? Do you have experience tracking nation state and cyber criminal threat actors? Would you like the opportunity to research and report on the latest threats and techniques used by attackers?
Rapid7 Managed Detection and Response operate around-the-clock to identify vulnerabilities, detect breaches, respond and investigate attacker activity, and help our customers improve their ability to deal with threats.
About the Role
This position is on our Threat Intelligence and Detection Engineering (TIDE) team and is located in our flagship SOC in Arlington, Virginia. The TIDE team is responsible for threat intelligence, detection engineering and malware analysis at Rapid7. Our mission is to curate threat intelligence and maintain visibility in order to create alerting worthy of human review through applied research and observation of malicious actor behavior. Our vision is to know when, by whom and why. We work across the incident lifecycle to build detections and identify patterns of activities to better understand an adversary's actions, expedite response, and constantly update the collective understanding of threats. In addition to leveraging this knowledge to arm our analysts and incident responders, we also provide actionable threat intelligence to Rapid7 customers in the form of security advisories and quarterly threat reports.
In this role, you will:
- Author indicators in Rapid7's proprietary detection engine.
- Continuous evaluation, curation, and improvement of detections for internal and external customers.
- Write publications on the latest observed attacker techniques.
- Continuously curate additional information for our threat intelligence management platform.
- Track indicators of compromise along the intelligence lifecycle, identifying when they need to be updated or retired.
- Devise new methods of analysis and application of threat intelligence for alerting purposes.
- Be an escalation point for more senior team members and Rapid7 internal customers.
The skills you'll bring include:
- 5+ years of cyber threat intelligence or similar experience
- Prior experience with graphical link analysis tools (Maltego, Analyst Notebook, Palantir)
- Prior experience with threat indicator management platforms (ThreatQ, Anomali, RecordedFuture)
- Prior experience with Endpoint Detection & Response (EDR)
- Expert knowledge of common operating systems, services, networking protocols, logging, attacker techniques and tools
- Prior operational experience leveraging threat intelligence to detect and respond to adversaries
- A strong understanding of the current threat landscape including the latest tactics, tools, and procedures, common malware variants, and effective techniques for detecting this malicious activity
- Extremely strong written and verbal skills
We know that the best ideas and solutions come from multi-dimensional teams. That's because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don't be shy - apply today.
About Rapid7
At Rapid7, we are on a mission to create a secure digital world for our customers, our industry, and our communities. We do this by embracing tenacity, passion, and collaboration to challenge what's possible and drive extraordinary impact.
Here, we're building a dynamic workplace where everyone can have the career experience of a lifetime. We challenge ourselves to grow to our full potential. We learn from our missteps and celebrate our victories. We come to work every day to push boundaries in cybersecurity and keep our 10,000 global customers ahead of whatever's next.
Join us and bring your unique experiences and perspectives to tackle some of the world's biggest security challenges.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or any other status protected by applicable national, federal, state or local law.