Senior Threat Hunter
Just as the global threat landscape continually evolves, so must we. As such, Rapid7 are delighted to announce this brand new role, our first dedicated Threat Hunter. This individual will be key in helping us continue to defend Rapid7 and its customers globally. You can expect to play a vital role in scoping and building out an entirely new function for our InfoSec teams, working for a global leader in the sector.
About the Team
Our Information Security team is tasked with enhancing our security posture and elevating customer confidence in Rapid7 products. Together, we lead the effective delivery of business outcomes and program maturation through standardization and iterative improvement. As part of our team, you'll work with highly engaged and capable colleagues to build and implement complex, cross-functional initiatives that secure our business, our employees, and our customers.
About the Role
As a Threat Hunter you will play a key role in defending Rapid7 from current and future cyber threats with a focus on finding evidence of threats or suspicious behavior, and leveraging data to improve controls and processes. You will be a part of a team involved in the development of new and existing Cybersecurity advanced threat programs, solving problems by providing solutions that are technologically sound and prioritized by risk and severity.
In this role, you will:
Lead "hunt missions" using threat intelligence and data from multiple sources to discover evidence of threats, insider misconduct, or anomalous behavior
Hunt for and identify threat actor groups and their techniques, tools, and processes
Provide analytic investigative support of complex security incidents and perform analysis for further enhancement of the alert catalog
Continuously improve processes for use across multiple detection sets for more efficient operations
Utilize and adhere to defined workflow and processes driving Threat Hunts and mitigation efforts
Characterize suspicious behaviors, identify traits and C2, and develop network and host-based IOCs or IOAs
Leverage a series of tools, techniques, and capacities to support hunting activities
Document and present the results of threat hunt analysis and subsequent detection, potential remediation, and recovery in an effective and consistent manner
Produce threat hunt specific metrics and key performance indicators for executive review
Develop and maintain strong working relationships with key partners, stakeholders, and even peers at other institutions
Contribute to strategic and tactical direction on threat hunt initiatives
Drive the technical oversight and guidance required to support junior and mid-career analysts during analysis efforts
The skills you’ll bring include:
6+ years of relevant work experience, including experience as a key member of a security operations team (SOC, Incident Response, Threat Intel, Malware Analysis, IDS/IPS Analysis, etc.)
Experience with Python and/or at least one common scripting language (Perl, C, PowerShell)
Knowledge of operating systems and their architectures: Windows, Unix/Linux, and OSX
Knowledge of tactics, technologies, and procedures related to Cyber Crime, Malware, Botnets, Hacktivism, Social Engineering, APT or Insider Threat
Related certification (A+, Network+, Security+, CISSP, GCIH, GCFA, GCFE, GREM)
Knowledge of query structures like Regular Expressions, YARA and SIGMA rules, AQL and KQL types
Excited by technology, curious and eager to learn
The attitude and ability to thrive in a high-growth, evolving environment
Collaborative team player who has the ability to partner with others and drive toward solutions
Analytical, with strong creative problem-solving skills
Solid communicator with excellent written and verbal communication skills, both within the team and cross-functionally
Passionate about delighting customers, putting customer needs at the forefront of all decision making
It would be great if you also had:
Bachelor's degree or equivalent would be advantageous
We know that the best ideas and solutions come from multi-dimensional teams. That’s because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don’t be shy - apply today.
At Rapid7, we are on a mission to create a secure digital world for our customers, our industry, and our communities. We do this by embracing tenacity, passion, and collaboration to challenge what’s possible and drive extraordinary impact.
Here, we’re building a dynamic workplace where everyone can have the career experience of a lifetime. We challenge ourselves to grow to our full potential. We learn from our missteps and celebrate our victories. We come to work every day to push boundaries in cybersecurity and keep our 10,000 global customers ahead of whatever’s next.
Join us and bring your unique experiences and perspectives to tackle some of the world’s biggest security challenges.