Threat Hunter

2 weeks ago


Melbourne, Australia · Rapid7 · Full time

**Threat Hunter**

Just as the global threat landscape continually evolves, so must we. As such, Rapid7 are delighted to announce this brand new role, our first dedicated Threat Hunter. This individual will be key in helping us continue to defend Rapid7 and its customers globally. You can expect to play a vital role in scoping and building out an entirely new function for our InfoSec teams, working for a global leader in the sector.

**About the Team**

Our Information security team is tasked with enhancing our security posture and elevating customer confidence in Rapid7 products. Together, we lead the effective delivery of business outcomes, and program maturation through standardization and iterative improvement. As part of our team, you'll work with highly engaged and capable colleagues to build and implement complex, cross-functional initiatives that secure our business, our employees, and our customers.

**About the Role**

As a Threat Hunter you will play a key role in defending Rapid7 from current and future cyber threats with a focus on finding evidence of threats or suspicious behavior, and leveraging data to improve controls and processes. You will be a part of a team involved in the development of new and existing Cybersecurity advanced threat programs, solving problems by providing solutions that are technologically sound and prioritized by risk and severity.

**In this role, you will**:

- Lead "hunt missions" using threat intelligence and data from multiple sources to discover evidence of threats, insider misconduct, or anomalous behavior
- Hunt for and identify threat actor groups and their techniques, tools, and processes
- Provide analytic and investigative support for complex security incidents, and perform analysis to further enhance the alert catalog
- Continuously improve processes for use across multiple detection sets for more efficient operations
- Utilize and adhere to defined workflow and processes driving Threat Hunts and mitigation efforts
- Characterize suspicious behaviors and be able to identify traits, C2, and develop network and host-based IOCs or IOAs
- Leverage a series of tools, techniques, and capacities to support hunting activities
- Document and present the results of threat hunt analysis and subsequent detection, potential remediation, and recovery in an effective and consistent manner
- Produce threat hunt specific metrics and key performance indicators for executive review
- Develop and maintain strong working relationships with key partners, stakeholders, and even peers at other institutions
- Contribute to strategic and tactical direction on threat hunt initiatives
- Drive the technical oversight and guidance required to support junior and mid-career analysts during analysis efforts

**The skills you’ll bring include**:

- 6+ years of relevant work experience, including experience as a key member of a security operations team (SOC, Incident Response, Threat Intel, Malware Analysis, IDS/IPS Analysis, etc.)
- Experience with Python and/or at least one common scripting language (PERL, C, Powershell)
- Knowledge of operating systems and their architectures: Windows, Unix/Linux, and OSX
- Knowledge in tactics, technologies, and procedures related to Cyber Crime, Malware, Botnets, Hacktivism, Social Engineering, APT or Insider Threat
- Related certification (A+, Network+, Security+, CISSP, GCIH, GCFA, GCFE, GREM)
- Knowledge of query and rule languages such as regular expressions, YARA and Sigma rules, AQL and KQL
- Excited by technology, curious and eager to learn
- The attitude and ability to thrive in a high-growth, evolving environment
- Collaborative team player who has the ability to partner with others and drive toward solutions
- Analytical, with strong creative problem-solving skills
- Solid communicator with excellent written and verbal communication skills, both within the team and cross-functionally
- Passionate about delighting customers; puts customer needs at the forefront of all decision making

**It would be great if you also had**:

- Bachelor's degree or equivalent would be advantageous

**About Rapid7**

At Rapid7, we are on a mission to create a secure digital world for our customers, our industry, and our communities. We do this by embracing tenacity, passion, and collaboration to challenge what’s possible and drive extraordinary impact.

Here, we’re building a dynamic workplace where everyone can have the career experience of a lifetime. We challenge ourselves to grow to our full potential. We learn from our missteps and celebrate our victories. We come to work every day to push boundaries in cybersecurity and keep our 10,000 global customers ahead of whatever’s next.

Join us and bring your unique experiences and perspectives to tackle some of the world’s biggest security challenges.
