Manager, Threat Intelligence & Detection Engineering

Rapid7 is a cybersecurity company providing data security and analytics solutions, including vulnerability management, incident detection and response, application security, and cloud security. Founded in 2000, the company aims to help organizations reduce risk and eliminate threats across modern IT environments.

Rapid7

Employee count: 1001-5000

United States only

As a Manager of Threat Intelligence & Detection Engineering, your primary responsibility will be to lead a group of talented, driven, and creative Detection Engineers. The team is responsible for the upkeep and advancement of the detection library for Rapid7’s MDR service.

About the Team

Rapid7’s Threat Intelligence & Detection Engineering (TIDE) team provides our managed SOC with high-fidelity and actionable threat detections and alerting. This limits threat actors' dwell time and impact across our customers' ecosystems. The TIDE team uses purposeful research, threat intelligence curation, observed malicious behavior, and informed collaboration to ensure that our detection and response capabilities evolve with the ever-changing threat and technological landscape.

About the Role

As a Manager of Threat Intelligence & Detection Engineering, your primary responsibility will be to lead a group of talented, driven, and creative Detection Engineers responsible for the up-keep and advancement of the detection library for Rapid7’s MDR service. Our team’s mission is to empower excellence in our customer’s security posture by continuously refining the Rapid7 MDR service's detection and response capabilities. This enhances their effectiveness to swiftly identify incidents while reducing analyst strain. We will collaborate closely with the SOC, Engineering, and Data Science teams to identify patterns of activity to improve detections, assist with the creation of new data models, and constantly update the collective understanding of threats.

Specifically, your focus will be to:

Provide a strong team vision, guidance, goals, and assistance to a high performing team of detection engineers.
Contribute to strategic planning focused on driving forward detection and response capabilities of Rapid7’s MDR service while maintaining operational stability.
Collaborate closely with internal teams to facilitate positive outcomes for internal and external customers.
Promote healthy, positive work habits and environments to reduce fatigue and encourage a sustainable work-life balance.
Develop and socialize a deep understanding of internal and external customer personas in order to improve the efficiency and efficacy of our SOC.
Oversee and guide team projects ensuring that they deliver the expected outcomes on time, while allowing your team to grow in autonomy and mastery of their craft.
Create streamlined processes/workflows to help improve the reliability and efficacy of our tools, and reduce noise.
Explore new opportunities for improving SOC analyst experience through automation, machine learning, and artificial intelligence.
Directly and indirectly interact with customers and prospects as needed.
Communicate and celebrate the successes of your team and the new capabilities they create.
Create, track and iterate on metrics that measure the efficacy of our detection and response program.

The skills and qualities you’ll bring include:

2+ years of professional management or team lead experience, performing 1:1’s, coaching and mentoring teams (preferably in SOC/CIRT environments).
4+ years of SOC and/or IR experience.
Experience with common cybersecurity tools and techniques and up-to-date knowledge of attacker techniques, tools, and procedures.
A fundamental understanding of how threat actors utilize tactics such as lateral movement, privilege escalation, defense evasion, persistence, command and control, and exfiltration.
Expertise in tools and techniques for analyzing large sets of data.
Effective collaboration within the SOC and between departments.
Extremely strong written and verbal skills.

We know that the best ideas and solutions come from multi-dimensional teams. That’s because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don’t be shy - apply today.

About Rapid7

At Rapid7, our vision is to create a secure digital world for our customers, our industry, and our communities. We do this by harnessing our collective expertise and passion to challenge what’s possible and drive extraordinary impact. We’re building a dynamic and collaborative workplace where new ideas are welcome.

Protecting 11,000+ customers against bad actors and threats means we’re continuing to push the envelope - just like we’ve been doing for the past 20 years. If you’re ready to solve some of the toughest challenges in cybersecurity, we’re ready to help you take command of your career. Join us.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or any other status protected by applicable national, federal, state or local law.

Apply now

Please let Rapid7 know you found this job on Himalayas. This helps us grow!

Apply now

About the job

Apply before

Nov 02, 2025

Posted on

Sep 03, 2025

Job type

Full Time

Experience level

Manager

Location requirements

United States

Hiring timezones

United States +/- 0 hours

Job categories

Threat Intelligence Manager Security Engineering Manager Head Of Threat Intelligence Senior Cyber Threat Intelligence Analyst

Skills

MDR Service Threat Intelligence Detection Engineering Data Modeling Workflows Automation)Machine Learning Artificial Intelligence Incident Response Lateral Persistent

About Rapid7

Learn more about Rapid7 and their company culture.

View company profile

Founded in 2000 by Alan Matthews, Tas Giakouminakis, and Chad Loder, Rapid7 embarked on a mission to provide innovative cybersecurity solutions. The company was established with the vision of helping organizations effectively detect and respond to security threats. Alan Matthews brought his extensive cybersecurity expertise, Tas Giakouminakis provided the technical software development knowledge, and Chad Loder contributed his entrepreneurial vision to shape the company's strategic direction. What began as a focused endeavor to address the evolving landscape of cyber threats has grown into a global leader in vulnerability management and incident detection. Over the years, Rapid7 has consistently pushed the boundaries of security technology through innovation and strategic partnerships. A key milestone in their journey was the launch of Nexpose, their flagship vulnerability management solution, in 2007. This was followed by the strategic acquisition of Metasploit, a renowned open-source penetration testing tool, in 2010, significantly expanding their product portfolio. The company's growth trajectory continued, leading to its initial public offering (IPO) on the NASDAQ stock exchange in 2012 (though another source indicates 2015). In 2015, Rapid7 further enhanced its threat detection capabilities by acquiring Logentries, a provider of cloud-based log management and analytics solutions. The introduction of InsightIDR in 2018, a cloud-based SIEM solution, marked another significant step in empowering organizations to detect and respond to security incidents in real-time.

Today, Rapid7 is a leading cybersecurity solutions provider, dedicated to making successful security tools and practices accessible to all. Their Insight Platform technology, expert services, and thought-leading research enable over 9,000 customers worldwide to improve their security programs and innovate safely. As technology continues to advance rapidly, every company has essentially become a technology company, inherently creating new security risks. The migration to the cloud and the proliferation of connected devices present security teams with an increasingly complex and unpredictable attack surface. Rapid7 believes that as cybersecurity challenges escalate, two primary factors hinder organizations from effectively managing their security exposure: the complexity of security tools and the scarcity of qualified cybersecurity professionals to manage them. These challenges are compounded for resource-constrained organizations. Rapid7 aims to bridge this 'Security Achievement Gap' by simplifying complex security problems. Their solutions empower teams to more effectively reduce vulnerabilities, monitor malicious behavior, investigate and shut down attacks, and automate routine tasks. This is all supported by a dedicated team of security researchers and consultants who bring real-world attacker behavior knowledge and emerging vulnerability insights directly to their customers. Headquartered in Boston, Massachusetts, Rapid7 operates globally, serving a diverse range of industries including technology, energy, financial services, healthcare, and government.

Tech stack

Learn about the tools and technologies that Rapid7 uses to build, market, and sell its products.

View tech stack

Node.js

Django

Spring

Ruby on Rails

JavaScript

Python

Java

Ruby

Scala

Flask

SQL

17 more

Rapid7 employees can create an account to update this tech stack.

Apply now

Please let Rapid7 know you found this job on Himalayas. This helps us grow!

Apply now