Lead Security Researcher - Emergent Threat Response

US - Remote

Location(s)

US - Remote, US - MA - Boston, US - CA - Los Angeles, US - TX - Austin, US - FL - Tampa, US - VA - Arlington

Team(s)

Product & Engineering


Lead Vulnerability Researcher - Emergent Threat Response (Security Sciences)

The past two years have seen a significant rise in widespread attacks and zero-day vulnerabilities that pose a threat to many organizations. Rapid7's emergent threat response team is a group of vulnerability researchers and cross-functional leaders who work across the company to help customers understand and implement defenses against active and impending security threats. Our researchers analyze CVEs that are being actively exploited in the wild and publish both in-depth and high-level research on vulnerability and exploit trends.

At the same time, we aren't satisfied with a merely reactive approach to security research—we seek to identify, characterize, and contextualize the vulnerabilities and attack vectors that will turn into tomorrow's widespread threats (or next month's, or next year's). We're looking for an experienced researcher to join our team and help define vuln research priorities (and drive execution!) that help defenders get ahead of the attack curve.

Key responsibilities:

  • Perform and publish root cause analyses of high-priority vulns and potential threats that highlight Rapid7's attacker-focused approach to vulnerability risk management
  • Work with the Metasploit team to incorporate new exploits into Metasploit Framework as needed (we believe strongly that defenders benefit from having democratic access to offensive security capabilities in order to understand attacks and test their controls!)
  • Advise our security content and threat detection engineers as they develop vulnerability checks, fingerprints, and detections for CVEs and exploits that meet emergent threat criteria
  • Work with the broader security research team to define and execute on longer-term research priorities across one or more key areas. This is intentionally open: We're looking for someone who understands vulns, has a point of view on what matters to big swaths of enterprise orgs, and can pitch and develop impactful projects that help our customers advance and position Rapid7 as a leader in the threat and vuln research space.

Core competencies:

  • A clear, specific point of view on vulnerabilities, attack surface area, and exploitation. This team's purview is vulnerability intelligence—which vulns matter, why they matter, how attacks and exposure are likely to change (or not), and what defenders can do about it.
  • Demonstrable experience finding high-impact zero-day vulnerabilities, writing about vulns and exploits, and/or speaking publicly about research and tools you've delivered
  • A bent toward practicality when defining research priorities. We eschew ivory towers—making research understandable and actionable is what wins customers' hearts. There are tons of under-researched attack vectors that aren't gimmicky or niche...that's the stuff we want to be highlighting.
  • Deep understanding of the challenges that security teams and global organizations face in today's threat climate
  • Willingness to mentor and teach others what you know—you don't need to be a people lead or manager, but clear communication and the ability to tell a story will make you successful!
  • Understanding of how urgency and importance can complement each other or detract from one another: Your work will fall into both categories, but you'll need to know when to counsel patience vs. when to raise alarms.
  • Enormous empathy, patience, and adaptability, with a healthy dose of boundary-setting for sustainable achievement. This industry can be intense and full of fire drills, but we strive to never, ever spread FUD (fear, uncertainty, and doubt) amongst ourselves or our customers. You'll be a leader on a cross-functional team who supports each other and advocates relentlessly for customers in an ever-changing threat climate—your insight will help us define what the right responses look like and extend our ability to deliver them without succumbing to hype or contributing to alert fatigue.

What you'll get:

  • A remote-friendly team who cares about each other and about the community, who prioritizes open information whenever possible, and who will respect your unique strengths, weaknesses, and boundaries
  • The ability to work with and learn from some of the lowest-ego, kindest folks in the exploit development and vuln research business. They're smart and driven, too, but they are kind to one another and the community first and foremost (always)
  • A high-visibility role with lots of opportunity for growth and leadership, and a cross-functional leadership team who will cheer you on, brag about your work, and advocate for your point of view
  • A manager who will listen to feedback, partner with you on defining a career path that excites and inspires you, and support you in prioritizing work-life balance that keeps you healthy and happy
  • The opportunity to be part of a company that's thinking strategically about its future in the industry and its ability to solve problems for security teams in a resource-constrained climate. Whatever bumps we hit along the way, Rapid7 cares about accessibility and security achievement for its customers. Both our own team and executive leaders also care deeply about research and open source—and they put their money where their mouths are!

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.