Rapid7 Information Security Team

Additional Info

Job title of nominated professional (or team name)Rapid7 Information Security Team
Company (where nominated professional or team is working)Rapid7
Websitehttp://www.rapid7.com
Company size (employees)800
CountryUnited States

Overview

In the past two years our team has done an enormous amount of work building a security team from the ground up. Ultimately this has resulted in bolstering Rapid7’s security posture and mitigating risks, but these are three key points that distinguish us:

1. We collaborate with all areas of the business. For example:
• By completing industry-standard security audits, vendor assessments and meeting directly with customers, we build a level of trust that is critical for driving revenue.
• We regularly partner with our product and engineering teams, offering thoughtful feedback on Rapid7’s products and contributing to their roadmaps. Sometimes our contributions are even more direct – during an overnight hackathon, we worked on a project that could ultimately enable industry-standard Single Sign-on in Rapid7’s Platform.
• We’ve established our team as a visible, helpful and approachable resource. Rapid7 employees feel comfortable reaching out to us to report suspicious activity at work, enabling us to respond more effectively to security incidents.

2. Our focus on automation continuously improves efficiency. Through our home-grown “Knex” event management and workflow platform, we’ve automated our work processes in ways that security solution providers don’t yet (effectively) cover. This improves our team’s efficiency and allows us to try out solutions that could be incorporated into Rapid7 products down the road or become future open source projects. One of our most successful Knex modules to date is an automated phishing analysis tool – it has allowed us to greatly streamline our phishing response process – and works seamlessly with our existing phishing detection approaches.

3. We’re involved in our community. Our team members speak at local and national events, serve as board members, host Kali Linux meet-up groups, teach community college classes, and contribute to several open source projects.

Accomplishments

• We collaborate with all areas of the business to improve security, drive innovation and directly impact the company’s bottom line.
• We automate repeatable manual processes to minimize talent underutilization.
• Both as a team and as individuals, we’re extremely active in the security community