Rapid7 hiring Detection Engineer • Remote (Work from Home) | Himalayas
Rapid7RA

Detection Engineer

Rapid7 is a cybersecurity company providing data security and analytics solutions, including vulnerability management, incident detection and response, application security, and cloud security. Founded in 2000, the company aims to help organizations reduce risk and eliminate threats across modern IT environments.

Rapid7

Employee count: 1001-5000

United States only

About the Team

Rapid7’s Threat Intelligence & Detection Engineering (TIDE) team is built from the ground up to provide our customers with high-fidelity threat detections and alerting that limit threat actor dwell time and impact across our customers' ecosystems. Our TIDE team uses purposeful research, threat intelligence curation, observed malicious behavior, and informed collaboration to ensure that our detections evolve along with the ever-changing threat and technological landscape.

About the Role

As a Detection Engineer, you will be responsible for the upkeep and evaluation of the detection library for the MDR service. Our team’s mission is to empower excellence in our customer’s security posture by continuously refining Rapid7’s detection library, enhancing their effectiveness to swiftly identify incidents while reducing analyst strain. Our vision is to lead with an unparalleled, state-of-the-art, and globally recognized detection library to set new standards in cybersecurity. You will collaborate closely with the SOC and Data Science teams to identify patterns of activity to improve detections, assist with the creation of new data models, and constantly update the collective understanding of threats.

In addition, you will learn from IR engagements, SOC incidents, and a variety of other sources and apply that knowledge to inform new detections for use across our customer base. You won't be alone in this endeavor, and your TIDE colleagues will be there to answer questions, provide guidance, and assist you as you develop.

In this role, you will:

  • Utilize Rapid7’s world-class software and threat intelligence to improve the current InsightIDR detection library.

  • Collaborate closely with SOC Analysts, the Data Science team, Incident Response (IR) Consultants, Cybersecurity Advisors, and Security Researchers.

  • Assist in researching of attacker behaviors and techniques using information gathered from IR engagements, minor incidents and malicious activity discovered through various telemetry sources.

  • Conduct detection testing in a controlled environment.

  • Use a variety of skills to build rules that detect evil across network, endpoint and cloud services.

The skills you’ll bring include:

  • 3+ years as a SOC Analyst/Incident Responder/Offensive security practice experience OR 2+ years of cyber threat intelligence/research/detection engineering experience.

  • A solid understanding of how threat actors utilize tactics such as lateral movement, privilege escalation, defense evasion, persistence, command and control, and exfiltration.

  • Experience with hands-on analysis of forensic artifacts and/or malware samples.

  • Experience writing standard EDR detections (Sentinel One/Crowdstrike/Defender), advanced search/threat hunting queries, or use case rules (Splunk or equivalent tool).

  • Ability to research, analyze, and interpret threat intelligence data from various sources and translate the information into actionable detection rules.

  • Strong writing and verbal skills for communicating information in a manner that is easily understood by both technical and non-technical individuals.

  • Effective collaboration between different teams.

  • Innovative problem solving mindset.

We know that the best ideas and solutions come from multi-dimensional teams. That’s because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don’t be shy - apply today.

About Rapid7

At Rapid7, we are on a mission to create a secure digital world for our customers, our industry, and our communities. We do this by embracing tenacity, passion, and collaboration to challenge what’s possible and drive extraordinary impact.

Here, we’re building a dynamic workplace where everyone can have the career experience of a lifetime. We challenge ourselves to grow to our full potential. We learn from our missteps and celebrate our victories. We come to work every day to push boundaries in cybersecurity and keep our 11,000+ global customers ahead of whatever’s next.

Join us and bring your unique experiences and perspectives to tackle some of the world’s biggest security challenges.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or any other status protected by applicable national, federal, state or local law.

About the job

Apply before

Posted on

Job type

Full Time

Experience level

Mid-level

Location requirements

Hiring timezones

United States +/- 0 hours

About Rapid7

Learn more about Rapid7 and their company culture.

View company profile

Founded in 2000 by Alan Matthews, Tas Giakouminakis, and Chad Loder, Rapid7 embarked on a mission to provide innovative cybersecurity solutions. The company was established with the vision of helping organizations effectively detect and respond to security threats. Alan Matthews brought his extensive cybersecurity expertise, Tas Giakouminakis provided the technical software development knowledge, and Chad Loder contributed his entrepreneurial vision to shape the company's strategic direction. What began as a focused endeavor to address the evolving landscape of cyber threats has grown into a global leader in vulnerability management and incident detection. Over the years, Rapid7 has consistently pushed the boundaries of security technology through innovation and strategic partnerships. A key milestone in their journey was the launch of Nexpose, their flagship vulnerability management solution, in 2007. This was followed by the strategic acquisition of Metasploit, a renowned open-source penetration testing tool, in 2010, significantly expanding their product portfolio. The company's growth trajectory continued, leading to its initial public offering (IPO) on the NASDAQ stock exchange in 2012 (though another source indicates 2015). In 2015, Rapid7 further enhanced its threat detection capabilities by acquiring Logentries, a provider of cloud-based log management and analytics solutions. The introduction of InsightIDR in 2018, a cloud-based SIEM solution, marked another significant step in empowering organizations to detect and respond to security incidents in real-time.

Today, Rapid7 is a leading cybersecurity solutions provider, dedicated to making successful security tools and practices accessible to all. Their Insight Platform technology, expert services, and thought-leading research enable over 9,000 customers worldwide to improve their security programs and innovate safely. As technology continues to advance rapidly, every company has essentially become a technology company, inherently creating new security risks. The migration to the cloud and the proliferation of connected devices present security teams with an increasingly complex and unpredictable attack surface. Rapid7 believes that as cybersecurity challenges escalate, two primary factors hinder organizations from effectively managing their security exposure: the complexity of security tools and the scarcity of qualified cybersecurity professionals to manage them. These challenges are compounded for resource-constrained organizations. Rapid7 aims to bridge this 'Security Achievement Gap' by simplifying complex security problems. Their solutions empower teams to more effectively reduce vulnerabilities, monitor malicious behavior, investigate and shut down attacks, and automate routine tasks. This is all supported by a dedicated team of security researchers and consultants who bring real-world attacker behavior knowledge and emerging vulnerability insights directly to their customers. Headquartered in Boston, Massachusetts, Rapid7 operates globally, serving a diverse range of industries including technology, energy, financial services, healthcare, and government.

Claim this profileRapid7 logoRA

Rapid7

View company profile

Similar remote jobs

Here are other jobs you might want to apply for.

View all remote jobs

16 remote jobs at Rapid7

Explore the variety of open remote roles at Rapid7, offering flexible work options across multiple disciplines and skill levels.

View all jobs at Rapid7

Remote companies like Rapid7

Find your next opportunity by exploring profiles of companies that are similar to Rapid7. Compare culture, benefits, and job openings on Himalayas.

View all companies

Find your dream job

Sign up now and join over 85,000 remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan