Director, Security Operations and Engineering

Director, Security Operations and Engineering

At Rapid7, we believe in simplifying the complex through shared visibility, analytics, and automation that unite teams around the challenges and successes of cybersecurity. We are looking for a manager of security operations engineering to join our internal security team. We are looking for someone that is passionate about bringing automation and modern engineering practices to our internal threat detection and incident response processes, while boosting signal and reducing noise in our alerts that teams are exposed to. From a Security Operations perspective, threat hunting and developing CERT capabilities as well as aligning with MITRE ATT&CK & D3FEN will be the focus. The main focus of Security Engineering will be around dashboarding, analytics and metrics development. The Director needs to ensure the successful execution for both teams within the wider CSO organization.

About the Team

As a cybersecurity company, the role of Rapid7’s cybersecurity team is highly strategic and impactful in a number of ways. First, in ensuring we meet our duty of care to our customers, employees, and shareholders by protecting Rapid7’s internal systems and sensitive data. The team represents the voice of the customer internally and helps educate the internal team on the needs and concerns of security teams, as well as helping ensure our products and services meet those needs. This team is highly trusted and respected within the Rapid7 organization.

About the Role

As Rapid7 continues to grow and scale our products, as well as our customer base, it is critical that the Director of Security Ops and Engineering leads the efforts to evolve and mature our internal security program, talking to our customers, engaging with the security community, and collaborating across all of the relevant teams inside the company to develop and showcase best practices. At Rapid7, leaders lead change not just by setting strategy but also by listening to others, aligning efforts, nurturing the culture, and co-creating solutions.

In this role, you will:

• Develop, implement, and manage security policies, procedures, and technologies that ensure the protection of the organization's assets, data, and people.

• Lead the security operations and engineering team to execute security projects, initiatives, and compliance activities that support business objectives.

• Provide technical expertise and guidance to the team to address complex security issues and threats.

• Conduct regular risk assessments and develop risk mitigation strategies to address security gaps and vulnerabilities.

• Ensure compliance with industry regulations and standards

• Collaborate with internal stakeholders to establish security requirements for new projects and initiatives.

• Develop and maintain incident response plans and lead the organization's response to security incidents.

• Stay current with the latest security threats, trends, and technologies to ensure the organization's security posture remains strong.

• Develop and deliver security training and awareness programs to educate employees on best practices and security policies.

The skills you’ll bring include:

• Bachelor's degree in Computer Science, Information Security, or a related field. Master's degree is a plus.

• 10+ years of experience in information security, including experience managing security operations and engineering functions.

• Strong technical knowledge and experience in areas such as network security, cloud security, application security, identity and access management, and security operations.

• Experience with security technologies such as SIEM, DLP, IDS/IPS, and vulnerability scanners.

• Experience managing security compliance programs and ensuring compliance with industry regulations and standards.

• Strong leadership and team management skills, with experience leading and motivating a team of security professionals.

• Excellent communication and collaboration skills, with the ability to work effectively with internal stakeholders and external partners.

• Industry certifications such as CISSP, CISM, or CISA are preferred.

We know that the best ideas and solutions come from multi-dimensional teams. That’s because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don’t be shy - apply today.

About Rapid7

Rapid7 is creating a more secure digital future for all by helping organizations strengthen their security programs in the face of accelerating digital transformation. Our portfolio of best-in-class solutions empowers security professionals to manage risk and eliminate threats across the entire threat landscape from apps to the cloud to traditional infrastructure to the dark web. We foster open source communities and cutting-edge research–using these insights to optimize our products and arm the global security community with the latest in attacker methods. Trusted by more than 10,000 customers worldwide, our industry-leading solutions and services help businesses stay ahead of attackers, ahead of the competition, and future-ready for what’s next.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.