Senior Manager, Penetration Testing (Massachusetts)
Company Description
Rapid7 (NASDAQ: RPD) is helping organizations around the globe advance securely. Our technology, services, and community-focused research simplify complexity for security teams, helping them reduce vulnerabilities, monitor for malicious behavior, investigate and shut down attacks, and automate routine tasks. With more than 9000 customers across 120+ countries, Rapid7 is a recognized leader in cybersecurity that has proudly earned numerous industry accolades and strong recognition for our technology and culture. Learn more at www.rapid7.com.
The Penetration Testing Team
Our team helps clients focus on security vulnerabilities and flaws that matter the most by applying a real world threat actor perspective to their attack surface. Within the team, we have expertise in nearly every discipline of offensive security from application testing, IOT, to red and purple team exercises. We partner with an organization's security, IT, audit, and business leaders to drive attack surface reduction through deep industry knowledge, offensive tradecraft, and expert consulting.
Our professionals must have the ability to handle complex situations and multiple responsibilities simultaneously in order to balance long-term projects while maintaining urgency on operational demands. They must also have an innate curiosity that drives offensive tradecraft development and execution in order to simulate real-world attack scenarios.
The Opportunity
Rapid7’s Penetration Testing team is looking for an experienced business and people leader with a firm understanding and experience in offensive penetration testing. This is an opportunity to join a leadership team and help shape the impact we have with our customers to drive continuous improvement on a global scale. Rapid7 is seeking a candidate that brings the right blend of leadership experience and execution skills to enhance our overall practice. If you are an energetic, innovative security leader, who has the experience and commitment to grow a global team, this could be a great match!
Essential Responsibilities
Develop and lead global programs focused on continuous improvement and evolution of pentest and offensive exercises
Drive business development through service innovation, client interaction, and sales support
Lead and develop a motivated team of managers and consultants
Engage directly with our customers to support an outstanding customer experience
Collaborate with cross functional teams to drive integration, bundled services, and other opportunities for the team
Build upon Rapid7’s Services career framework to enhance the team’s focus on personnel development
Participate as a member of our global Security Services leadership team to collaborate as we evolve Rapid7’s customer experience
Evolve key processes across the teams to scale and drive customer value
Knows how to build sales leads and manage the scoping of deal pipeline
Knows how the business is run and can manage the intersection of sales support, sales pipeline, booking targets, and workload distribution.
Qualifications and Traits
10+ years leading customer-facing penetration testing, red teaming, purple teaming, and offensive programs
Hands on experience conducting penetration testing and red teaming highly desirable
Prior experience designing security controls and defending networks/systems desirable
Experience working in global consulting organizations
3+ years experience in a leadership position including managing managers
Dedicated cross-functional orientation and ability to build relationships with other leaders and teams
Creative problem-solving ability and forward-thinking mentality
Strong leadership and communication skills
Experience managing remote teams
Requires comprehensive understanding of concepts, theories and principles within offensive security testing and knowledge of other disciplines
Business leadership and relationship management experience with non-technical leaders and individual contributors
Creates formal networks with key decision makers and serves as external spokesperson for the organization
Understands how to work between tactical and strategic service design and delivery
Previous hands on technology design, architecture, and administration experience with network and systems infrastructure as well as middleware and applications
Professional certifications CISSP, CISA, GSEC, SSCP, CEH, ECIH highly desirable
Familiarity with security frameworks such as NIST, CIS, ISO, CMMC, etc.
Outstanding verbal and written communication skills
Willingness to travel 25-40%