Tag Archives: Rapid7 Culture

Rapid7 Sales Director Devin Poulter On Building a Career as an Account Executive

Post Syndicated from Rapid7 original https://blog.rapid7.com/2023/06/01/rapid7-sales-director-devin-poulter-on-building-a-career-as-an-account-executive/

Rapid7 Sales Director Devin Poulter On Building a Career as an Account Executive

Devin Poulter is a Sales Director with over 20 years of experience in the tech industry. Recently, we asked him a few questions to learn more about how he built his career, what it’s like to lead a team at Rapid7, and more.

You’ve been in software sales for most of your career, what can you tell us about being successful as an Account Executive?

I’d say building your personal brand is really important for success as an Account Executive. Being able to have open and honest conversations with customers and really focus on where you can (or sometimes, where you can not) add value is something people will remember you by.

Years down the line, when you are either introducing a new product, or representing a different company, that decision maker you are reaching out to will probably remember how you treated them previously. If you took the time to create a positive relationship, they are more likely to take your call and listen because you’ve built that foundation of trust. I’ve seen that play out time and time again, and I think it’s important for people building their career to equally focus on their personal brand as well as the product or company brand you’re representing.

What stands out to you about Rapid7 when it comes to building a sales career?

Well, the cybersecurity market is white hot as threats and bad actors continue to find new ways of exposing vulnerable organizations. It’s a market that is attracting a lot of competition as new companies and startups emerge—but where I see the most value and sustainability is with organizations like Rapid7 that can meet customers where they are—and grow with them.

When we think about our customers, particularly the CISO, their role has become increasingly challenging, and will continue to be so. Between an evolving threat landscape, a struggle to find talent for in-house security teams, and a volatile economic landscape that puts pressure on budgets—they need partners who can help them do more with less resources. At Rapid7, we’re making it everyone’s mission to think about these customer challenges and ensure we’re bringing the best and most impactful solutions to the table so we can help customers build a more secure digital future.

Additionally, Rapid7 isn’t a one trick pony for a CISO. Our Account Executives can sell across the full platform of our offerings, enabling them to be a true partner to customers and add value based on their unique needs and challenges. When it comes to building a successful career in sales (and especially in building your personal brand), this is something that helps our reps deliver the utmost value to customers with solutions that can grow and scale with them.

Finally, Rapid7’s mission is inspiring. The need for our products is something that is never going to go away. All around the world, there are bad actors who are constantly trying to take advantage of individuals and businesses to make a quick profit. When you think of the impact a hacker or vulnerability can have, it’s everything from financial losses to entire infrastructure systems and communities getting disrupted. We’re giving organizations the tools and resources to protect themselves from the bad guys, and helping their security teams work more efficiently and keep their data—and more importantly, people, safe from harm.

What’s it like to lead a team at Rapid7?

As a leader, I’m excited for the opportunity to help mature my team and see them succeed. That’s always been a big motivator for me—and it still is today. As I’ve progressed through my career, I’d say it’s equally rewarding to see the growth and success of the business, and the impact we’re making on our customers.

Today, my motivation goes far beyond hitting our numbers and going to Club. Being part of a company that’s creating real impact every day, whether it’s through our products, our open source communities, or our work in public policy and governance, it’s fulfilling to be part of a journey that’s being recognized and giving us a reputation in the market for being really innovative.

When people are proactively approaching you at a conference or a show, and commenting on the work Rapid7 is doing, it instills a lot of pride in your work and reminds you of how important our mission is. A company that gives you that kind of fulfillment, along with opportunities to grow, is the real difference between finding your next job and finding a career home.

What do you look for in an Account Executive?

What I look for is genuine curiosity, and the ability to critically think about challenges. I don’t need someone to tell me what they think I want to hear or give a generic answer. In order to uncover this in an interview, I’ll often share a real world situation and ask their opinion on how they would approach it. This gives me an opportunity to see what kind of follow up questions they have, how they think, and how they might approach challenges on the job. As far as their answer, I’m not looking for a right or wrong response, it’s more about learning how they think. Sometimes, I’ll even help coach or give the person feedback to help them understand the context or maybe frame it in a way they weren’t thinking about originally. The candidates that stand out the most are the ones who are able to ask the right questions, can articulate their opinion, and who are also coachable and open to feedback. Knowledge of our products and industry can always be taught, but having the right mindset is critical to be able to help them grow and be successful in the role.

At Rapid7, when we say we are open to ideas and encourage people to challenge convention—we really do mean it, and we respect the different perspectives that are brought to the table. This kind of culture is what helps sustain the business and enables you to do some really cool things in your field.

Looking to find your career home as an Account Executive?

Explore what it’s like to work as part of our sales team here: https://careers.rapid7.com/sales

Rapid7 Data Engineers Inspire Future Tech Talent at Summer Search Career Fest

Post Syndicated from Rapid7 original https://blog.rapid7.com/2023/05/31/rapid7-data-engineers-inspire-future-tech-talent-at-summer-search-career-fest/

Rapid7 Data Engineers Inspire Future Tech Talent at Summer Search Career Fest

We are thrilled to share some exciting news from our data engineering team at Rapid7. Earlier this month, our very own data engineers had the honor of being panelists at the technology panel organized by Summer Search, a fantastic organization that our CEO, Corey Thomas, is on the Leadership Council for.

The event, known as the Summer Search Career Fest, aimed to empower and support 100-150 high school and college students from low-income backgrounds. It provided them with invaluable opportunities such as professional mentoring, summer experiences, and post-secondary support. Our team was elated to contribute to this inspiring initiative and connect with these talented young minds.

Rapid7 Data Engineers Inspire Future Tech Talent at Summer Search Career Fest

As panelists, we had the privilege of sharing our experiences, insights, and expertise in the field of data engineering. We discussed various topics related to technology, career paths, and the impact of data-driven decision-making. Our goal was to inspire these aspiring individuals and showcase the incredible possibilities that lie within the tech industry.

Being able to guide and mentor young talent aligns perfectly with our company values and our commitment to fostering growth within the community. We firmly believe that by investing in the next generation of professionals, we can collectively shape a brighter future.

We would like to express our heartfelt gratitude to Summer Search for organizing this remarkable event and for providing us with the opportunity to contribute. We would also like to extend our appreciation to Corey Thomas for his involvement in the Leadership Council, which made our participation possible.

We encourage all of you to join us in celebrating this achievement and the positive impact we are making together. Stay tuned for future updates on our community engagement initiatives and ways you can get involved.

Once again, thank you to everyone involved in making this event a success, and we look forward to continuing to make a difference in the lives of young talent within our community.

Rapid7 Data Engineers Inspire Future Tech Talent at Summer Search Career Fest

Starting a Career in Tech? Learn How Rapid7’s Emerging Talent Programmes Foster Long-Term Success

Post Syndicated from Rapid7 original https://blog.rapid7.com/2023/04/25/starting-a-career-in-tech-learn-how-rapid7s-emerging-talent-programmes-foster-long-term-success/

Starting a Career in Tech? Learn How Rapid7’s Emerging Talent Programmes Foster Long-Term Success

Rapid7’s Emerging Talent Programmes pave the way for early career professionals to have a successful career in tech. In Belfast, we offer both an Apprentice Programme and a Placement Programme to support new talent coming into the tech field.

The Apprentice Programme is designed for individuals with established careers that want to pivot into the cybersecurity field. In our Placement Programme, students spend a full year working as a member of one of our teams while enrolled in university, gaining valuable experience working on real projects.

Cybersecurity is constantly evolving, and we work diligently to stay ahead of attackers and create a more secure digital future for all. Emerging Talent Programme participants bring fresh and valuable perspectives to our business and are equipped with the resources and opportunities to develop valuable industry knowledge and experience.

We spoke with several team members who went through these programmes and went on to pursue full time roles at Rapid7, and invited them to share their experiences.

What was the biggest hurdle you have had to overcome when starting your career?

When I joined Rapid7, I had no prior IT experience. My background was in mechanics. I was initially very nervous that my lack of IT experience would put me at a disadvantage. However, I was fortunate to be offered an opportunity with Rapid7 and Belfast Met. Rapid7 provided me with exceptional training and a support programme with ongoing mentoring. This ensured that I never felt left behind.

In the last 2 years working with Rapid7, my knowledge and skills have grown far beyond what I had ever hoped for. This is a testament to the talented individuals I work with and their willingness to share their expertise and help others.

Mark Gottschalk, Technical Support Engineer II

Coming from university and other experiences where I would have completed projects in smaller groups, understanding how information is stored and communicated across a large company and stakeholders took some time. I look at it as a valuable learning opportunity as you gain insight into how decisions are made in software companies and how stakeholders in all areas of Rapid7’s business interact with each other.

Christopher Jennings, Assistant Product Manager, Platform

How did you know you wanted to work at Rapid7?

I was interested in the culture at Rapid7 when looking for placement opportunities. The effort by the company to look after employee welfare was very attractive, and quite unique compared to other companies.

Kate Wilson, User Experience Designer I

My software engineering placement at Rapid7 was a pivotal experience in my career journey, as it helped me to determine my desired career path and confirm my interest in the company. Rapid7 impressed me with its position as a leader in the cybersecurity industry, as well as its ownership of the highly regarded tool, Metasploit.

The company’s focus on culture and values during the hiring process, and the positive experience I had with the people I met made a strong impression on me. These factors, combined with my passion for software engineering, led me to conclude that Rapid7 would be an ideal place for me to continue my professional development and pursue my career goals.

Jonathan Hume, Software Engineer I

How has this programme helped you determine your career path?

This placement programme has been instrumental in helping me determine my career path. I now have a better understanding of what product managers do and how different stakeholders within a software business interact to progress Rapid7 forward.

Christopher Jennings, Assistant Product Manager, Platform

The apprenticeship programme at Rapid7 has been a transformative experience for me. I have a strong interest in technology and a drive to learn and grow. I am surrounded by colleagues who are supportive and inclusive, and I have the opportunity to work on real-world projects that are challenging and rewarding. The programme provides a perfect balance between work and education, allowing me to complete my degree while gaining valuable experience.

Toni Ashe, Technical Support Engineer I

What has been your proudest accomplishment at Rapid7 so far?

My proudest accomplishment within Rapid7 has been the success of the Apprentice team I started with. At the end of our first year working within the Support team, we received the top three highest average customer survey ratings globally, as well as the top team globally. This was a moment of immense pride for all of us and serves as a testament to the effectiveness of the training and development programme for Support Engineers and the Apprenticeship programme!

Mark Gottschalk, Technical Support Engineer II, Support Coordinator Apprentice

My proudest accomplishment so far has been successfully completing my first coding project, which was a command palette modal that utilized hotkeys and other actions. Despite the challenges, I have worked hard and pushed myself to learn, and the reward of completing the project was worth all the effort.

Toni Ashe, Technical Support Engineer I

What piece of advice would you give someone entering a similar position?

I would advise anyone who is thinking about applying for an internship to be confident in their ability, ask lots of questions, and build a good knowledge base on the work and environment of the company and role you are applying to.

Kate Wilson, User Experience Designer I

For anyone considering a career move, my advice is: Take advantage of the opportunities for learning and growth, be open to feedback, and don’t be afraid to ask questions. Pursuing a career in this field can be challenging, but the results are rewarding if you are passionate about technology and have a drive to constantly learn and grow.

Toni Ashe, Technical Support Engineer I

Looking for a place where you can gain hands-on experience and drive real impact? Explore all our Emerging Talent programmes and opportunities here.

Secrets of a cybersecurity employer-of-choice

Post Syndicated from Rapid7 original https://blog.rapid7.com/2023/04/19/secrets-of-a-cybersecurity-employer-of-choice/

Secrets of a cybersecurity employer-of-choice

By Jay Prescott, Director, Global SOC Operations

While the staffing crisis is real, our global MDR SOCs are thriving with top-notch analysts, DFIR talent, and no revolving doors (they like it here). In a high-pressure, high-stakes business, these are our lessons learned.

Measure your staffing performance meticulously and publicly

In an industry plagued by burnout, churn, and open jobs everywhere, be obsessed with your metrics to retain top talent. We do.

  • Last year, we grew our global Managed Detection and Response (MDR) teams by 68%
  • Our voluntary attrition for SOC analysts is under 5%
  • Since the start of Rapid7 MDR seven years ago, we’ve only lost about one to two analysts per year (as competition for cybersecurity talent went white-hot)

Rapid7 recruits talent from all over the world to join us in our state-of-the-art SOC locations. Each SOC has incredibly high retention rates.

We prioritize investments in training, competitive pay, project work and extracurricular activities, and ensuring analysts are doing the work they enjoy. The leadership team is in tune with job satisfaction and directly attacks any aspect of the analyst duties that causes friction.

Peter Drucker said it best:  “Culture eats strategy for breakfast.”

According to a survey by Mimecast, 84% of security professionals are experiencing burnout due to the constant barrage of threats, the  talent shortage, and other employees’ mistakes (as a result of burnout).  And, while everyone battles “The Great Resignation” and our collective 5-year skills crisis, ZDNet reports it’s going to get worse. Nearly a third of the global cybersecurity workforce plans to leave the industry—not their jobs, but the entire industry—within two years.

To prevent burnout, we encourage a culture of friendship and after-hours socialization. People who work alongside friends help more and perform better. They trust one another.  Like just about anyone in our line of work, Rapid7 MDR employees know they can go anywhere and do what they do. They also know we greatly appreciate the fact they choose to do it here.

A member of one of our SOC had his car in the shop for far too long due to a supply chain shortage of the missing part.  There was only one thing to do for April Fool’s day:

Secrets of a cybersecurity employer-of-choice

As one member of the team stated, “we work at a place that crowdsourced a $700 prank!”

You don’t need budget for team-building consultants and “trust exercises.”  Camaraderie is created in Slack channels and karaoke nights at the bar on the first floor of the Rapid7 Arlington , VA office.

Create a learning organization

We’ve heard it called “alphabet soup after your name.” While certifications are important, real-world experience and constant learning trumps a course any day of the week. And the best way for the SOC to learn? By doing first-hand and sharing those learnings with everyone. Here’s some of the lessons learned:

First, eliminate silos. Each of our MDR SOCs are  composed of three tiers of analysts, working together on customer environments. There’s complete threat detection coverage, multiple layers of escalation and validation, and redundant knowledge. Additionally, the technology used by the SOC captures relevant details of the environment, detected threats, and analysis notes which are available to all analysts.

Second, train constantly. Rapid7 has a robust training program: a combination of external live training (SANS, Chris Sanders courses), self-paced learning (TCM malware analysis & forensics courses), as well as a robust internal security training program (modeled after specific incidents Rapid7 MDR has handled) to train our analysts quickly and effectively. All training is heavily focused on endpoint forensics, incident response, threat hunting, coding/scripting, and foundational security concepts. All analysts have the chance to attend external training every year. Internally, analysts learn from each other with weekly “lunch n’ learns” to level up their stills by learning from others around them and show off the latest threat they were able to thwart for our customers.

Third, we organized around learning in new ways. Over a year ago, Rapid7 merged our Incident Response Consulting Team with our MDR SOC to create an integrated team of Detection and Response experts. If an incident investigation appears to be major, analysts simply (and literally) swivel their chairs and tap Senior IR consultants and DFIR practitioners on the shoulder.

For major incidents, Rapid7’s TIDE Team (Threat Intelligence and Detections Engineering) is right there too. “We ride along with them and are watching what they’re discovering and we develop new detections,” says Eoin Miller, Manager of Detection and Response Services. “It helps not only that customer but any other customer that may be a current or future victim of that same attacker.”

Rapid7 MDR  also created a “Tactical Operations” (TacOps) team, which is primarily used as a “farm system” for analyst development. Typically, Associate Analysts at other Security Operation Centers are relegated to Tier 1 roles, focusing on low severity alert triage with little exposure to actual malicious activity or complex investigations. Rapid7 takes a different approach by throwing these Associate Analysts into the deep end to deal with real, high priority threats (the things we know are evil), which accelerates their learning curve. They’re actually looking at malicious activity all day, not just hundreds of benign alerts.

Our Associate level analysts have even gone on to publish their work and were tapped to lead a technical malware deep dive on one of the most popular security webinars in the world (Ultimate IT Security). Not too shabby for “entry level” folks to be presenting to a broad audience after only a year working in our SOC. Not surprisingly, we focus on promoting from within, with many analysts taking on advanced roles in forensic analysis and IR.

Finally, we’ve reorganized our services organization to bring our penetration testing team SOC analysts under one roof. We feel the best way to learn (and improve our ability to detect and respond effectively) is to encourage collaboration and knowledge sharing between both our offensive-minded and defensive-minded security practitioners. Iron sharpens iron.

Never compromise your standards

MDR analyst candidates go through an initial technical assessment (live on phone responses) with our Talent Acquisition partners in order to pre-screen candidates before the live technical interview panel.

During the interview Technical Panel, our interviewers’ goal is to push the candidate to the edge of their knowledge. We ask a series of questions which are progressively more difficult using real-world scenarios: “If you see XYZ behavior, walk me through the process from start to finish:

  • What technology and methodology would you use?
  • What data are you looking for?
  • Deep dive into why and how you’re looking at it?
  • How do you come to the determination that the behavior is malicious or benign?

This allows us to question various tools and techniques used in the course of an investigation. We then hire based on the candidate’s knowledge, skill set, and culture fit.

More questions like these and other best practices we use can be found in our guide, the 13 Tips for Overcoming the Cybersecurity Talent Shortage.

Say what your values are

Rapid7 has company core values. We’ve added to it with our “Culture Code for the MDR SOC.” Every organization and each SOC’s values are different. These are ours:

  • Ownership: Know what you’re responsible for and own it. We expect you to own your mission fully. Don’t make excuses, and don’t point fingers at others.
  • Customer-Centric: We are here for one reason—to deliver the managed security services our customers expect and deserve.
  • Passion and Purpose: Love what you do. While not everything you do every day is exciting, our team members genuinely enjoy their work and understand the importance of it.
  • Don’t Just ‘Turn The Wheel’: We’re not here just to handle alerts, run scans, perform hunts, or throw alerts over the fence for our customers to handle. We’re here to bring our security expertise to bear in the most effective way to better protect our customers at scale.
  • Risk Taking: Choosing not to take a risk is often the biggest risk. We will never fault someone for taking a well informed risk in order to better serve our customers.
  • Integrity: We never mislead customers or prospects or act against their best interests, and we are open and honest with our fellow Moose.
  • Never Done: This is not a clock-in / clock-out kind of job. While many days are predictable, others are not. Our North Star is customer outcomes, not time-based.
  • Glass Half Full: Security operations can be unforgiving—but we will remain positive and optimistic.
  • Have Fun: Get your job done, but have fun doing it.

We’re always looking for great security professionals to join our team. If the above piques your interest and you’re looking to join a part of something special, come check out our open Career opportunities.

7 Rapid Questions: Lindsey Searle

Post Syndicated from Rapid7 original https://blog.rapid7.com/2023/04/11/7-rapid-questions-lindsey-searle/

7 Rapid Questions: Lindsey Searle

Welcome back to 7 Rapid Questions, our blog series where we ask passionate leaders at Rapid7 to give us an inside look at what it’s like to work on their team, and how they’re creating an impact every day.

In this installment, we talk to Lindsey Searle, Senior Manager, Customer Advisors on how her team helps solve customer challenges, and how candidates can stand out in the interview process.

What kind of challenges are you/your team responsible for solving for customers?

The security space is evolving every day as hackers continue to advance. Many customer teams find themselves overwhelmed and in need of more customized services to stay ahead, and that’s where we can help support.

Our team is the face of Rapid7 for Managed Services customers. We provide advisory services for clients of all shapes and sizes and at all levels of their security maturity journeys. The Customer Advisor team works closely with the Security Operations Center (SOC) to monitor customers’ in-scope environments and provide custom tailored guidance to enhance their security posture. Many of our customers consider us an extension of their in-house security team, and we strive to build close knit working relationships and trust with each and every one of them.

In addition to day to day monitoring, our Customer Advisors work with our clients to understand their security goals, make recommendations to achieve those goals, and are personally invested in seeing those initiatives through to completion.

What does your team look like (team size, types of teams etc.), what growth has there been?

The Customer Advisor organization at Rapid7 grew by 30% last year—we added 35 new people to the team in 2022, including Advisors at all levels, four new managers, and a Vice President.

Our team is composed of all levels of security professionals, from associate CAs at the start of their career to tenured Lead and Principal Advisors. We have CAs supporting all three branches of Managed Services, and our teams are blended across Managed Detection and Response (MDR), Managed Vulnerability Management (MVM), and Managed Application Security (MAS) to allow for cross functional collaboration and learning.

We are fortunately in a position where as our Managed Services business grows, our Customer Advisor team has continued to expand, as it is a standard part of the service offering.

What makes the culture at R7 different from other tech / cyber security companies?

I always find it difficult to describe the Rapid7 culture when I interview candidates because it’s something that you really have to see to understand and believe. The underlying fact is that all Rapid7 employees are passionate about security—we are here because we want to help our customers succeed, and we truly enjoy working together for that common goal.

At the same time, every single person is unapologetically unique and does not hesitate to bring their own perspective to the table. We have a great balance of external hires bringing in fresh ideas, as well as internal hires that provide a different approach to a situation when you’ve worked on the other side of the curtain.

What 3 biggest things have you learned in your time at Rapid7?

One: Take the time to thank people for helping you out! We do ‘guitar picks’ at Rapid7—it’s an internal website where you can give fellow moose a virtual kudos and recognition, whether it be for a great presentation they gave, or for filling in for you on an assignment, or for just being awesome. Everyone in the company can see it, and the recipient gets a notification that they’ve received one. Sending a pick takes minutes but can make someone’s day! Our Chief People Officer selects a guitar pick submission and sends it out to the whole company every morning. It’s a quick and meaningful way to thank those around us.

Two: Don’t be afraid to ask questions—we are all constantly learning and there is definitely someone out there who can help.

Three: There is a Slack emoji for just about every situation, and if it doesn’t exist—make one! In fact, our recent Slack migration took longer than expected due to the 10,000+ custom emojis that Rapid7 employees have created. One of our core values is ‘Bring You’ so this is just one example of how people are getting creative to express themselves in different ways and build camaraderie in a globally distributed organization.

How does Rapid7 set you up for success in your role?

I was incredibly impressed with the corporate onboarding provided by Rapid7 when I went through it myself in late 2021. You attend your onboarding sessions with all new hires starting at the company that week and already start to build a network within your first few hours here.

Rapid7 is big on encouraging Insight Coffees—an informal 30 minute meeting with another Rapid7 employee to get to know them on a personal and professional level. Those connections stick with you throughout your time here and only strengthen your ability to work together down the road.

Our company culture is built around helping each other and working together as a team, which puts you in a great spot to be successful in your role.

What can a candidate do to stand out in the interview process?

Honestly, just be yourself—Bring You is a core value at Rapid7 and something that truly sets us apart from other companies. Finding people who embrace our collaborative culture and partner well to share ideas is a major piece of the Rapid7 interview process. These soft skills weigh as heavily as prior work experience and technical competency. Your individuality will set you apart from other candidates—so let your true self shine!

What advice would you give someone thinking about coming to work here?

Bring energy and enthusiasm, and take the time to build meaningful relationships with the people you work with. It is much easier to wake up and log on for the day when you are looking forward to interacting with your team members and your customers. At Rapid7 we live by the core value of ‘Impact Together’—teamwork makes the dream work! We have a far greater chance at success when working together than we do when trying to climb the ladder individually.

To learn more about Rapid7 Managed Services:


Rapid7 Podcast Explores Hybrid-First Workplace Learnings

Post Syndicated from Addie Curley original https://blog.rapid7.com/2023/04/11/rapid7-podcast-explores-hybrid-first-workplace-learnings/

Rapid7 Podcast Explores Hybrid-First Workplace Learnings

As the world continues to navigate the post-pandemic shift in work environments, Rapid7 is operating on a hybrid-first approach that balances flexibility and productivity with collaboration and optimizing for customer success.

In the spirit of cross-collaboration, the People Development and Workplace Experience teams partnered with managers across the company to record an internal podcast series. The series, dubbed “Have You Herd? Navigating Our Hybrid-First World!,” captures the stories and experiences of our managers adapting to hybrid work and how they support their teams. ‘Herd’ is a nod to our moose, the term we use to describe our people. Since the word ‘moose’ is both singular and plural, it means that we respect everyone’s individuality while working together as one team towards a common goal.

Chatting with our host, Senior Director of UX for the Detection and Response practice Gwen Betts, managers shared tips and tricks for building strong cross-functional teams, staying connected to the Rapid7 community, and most importantly, creating impact for our customers. Throughout these episodes, three key themes emerged: building strong team relationships, cross-team collaboration, and employee engagement. Take a look below to see how our managers are navigating these areas, and hear directly from some of them via the audio clips!

Strong Team Relationships

Whether you’re working together in person or virtually, it’s important to consciously create a dynamic and supportive team environment to help people drive impact. Balancing both environments in a hybrid workplace can often feel challenging. In Episode One, Director of Talent Acquisition Caroline Galvin and Senior Director of Software Engineering Neville O’Neill discussed how they foster team relationships for creating impact. Some tips they shared include:“Anchor your team around a common mission.” When team members are accountable to each other in pursuit of a common goal, the bonds of trust and respect are strengthened.

“Find ways to come together for the moments that matter.” There are many ways to celebrate wins virtually, but don’t lose sight of the value of coming together in person to celebrate the big milestones or especially noteworthy occasions. This can create a solid foundation that helps those virtual celebrations and events become even more meaningful because of what you’ve spent time to build intentionally.

“Connect as humans! Be more relational, less transactional.” Encouraging your team members to bring their full selves to work (like we emphasize with our Bring You core value) and connecting on a personal level improves communication and trust for working through tough situations.

The Magic of Cross-Team Connections

Not only are our Moose moving between home and office work environments, but our managers often have direct reports and cross-functional stakeholders working across different locations and time zones as well. Ensuring they have a solid communication plan is fundamental to their team’s success.

In Episode Two, Jan Krijgsman, Senior Sales Manager and Aniket Menon, Vice President of Product Management shared their tips for developing clear and consistent communication channels:

“Be clear with Slack message/email intentions.” Let the recipient know whether a question or request is urgent, or can wait for a response. Respecting people’s time and helping them prioritize their work makes for better collaboration.

“Engage in regular check-ins with your direct reports.” Build a connection based on trust so that difficult conversations are not avoided and feedback exchanges can be prioritized.

“Empower team members to connect cross-functionally.” Encourage them to develop their internal networks. Every day, Rapid7’s InsightCoffee program empowers our people to develop cross functional relationships that otherwise would not have been possible.  We’re intentional in making sure all of our Moose feel encouraged to reach out and chat with anyone, at any level, on any team.

Employee Engagement

A major focus of the podcast has been employee engagement in a hybrid world. With reduced face-to-face time and the ever-present threat of Zoom fatigue, how do managers help their teammates stay engaged with the Rapid7 community? All of our podcast guests had fantastic solutions that they use to consistently boost team morale:

“Utilize the concept of ‘first’ and ‘second’ teams (or, regional and functional teams).” If you have team members who are geographically separated from the rest of the team, work with them to develop a regional team with those who work in the same location. This helps balance creating a strong global team culture with strengthening the micro-cultures that form locally, establishing a strong foundation for people to feel even more connected.

“Slack is the new water cooler!” Have a few minutes in between Zoom meetings, or taking a coffee break? This is the best time to drop into those ‘fun’ Slack channels to engage with others around personal interests. Some favorites at Rapid7 include the #puppies and #cooking channels!

“Celebrate ‘wins’!” Make an effort to acknowledge and celebrate the incredible work that your team does. Show that what they accomplish makes a real impact on the success of the team and the business!


Our work environments look quite different than they did three years ago. While we have largely settled into this new way of working, we embrace our core value of Never Done by continuing to ask ourselves how we can continue to improve. At Rapid7, we truly believe that our managers are impact multipliers, with a direct hand in optimizing our teams and creating impact for our customers. This podcast series has given our managers another way to learn from each other and collaborate on best practices for building strong team relationships, improving cross-team collaboration, and encouraging robust employee engagement.

Celebrating Women’s History Month at Rapid7

Post Syndicated from Rapid7 original https://blog.rapid7.com/2023/03/22/celebrating-womens-history-month-at-rapid7/

Celebrating Women’s History Month at Rapid7

Each March, we reflect on the historical accomplishments and ongoing need to support women. This, of course, should be embraced all 12 months of the year, but Women’s History Month gives us a special opportunity to learn from, celebrate, and amplify the voices of women.

At Rapid7, we’re shining a light on women’s voices all month long with special events and panel discussions, while recommitting to the ongoing efforts that last all year long. Below you’ll find some highlights from our International Women’s Day panel, which focused equity, inclusion, and advocacy in the workplace.

Rapid7 International Women’s Day Panel

This year’s panel focused on the difference between equity and equality. While historically the focus has been on creating equal opportunities, it’s argued that focusing instead on equitable policies is more effective, as it takes into account the advantages and disadvantages of each individual’s circumstance.

“If we want to drive equitable processes to create an EQUAL playing field, we need to recognize the advantages and disadvantages that are out there today, and address them,” said Laura Ellis, Rapid7 Vice President of Data Engineering and Platform Analytics.

Creating equitable processes requires a dedicated effort and requires us to lean into hard conversations to address common stigmas. If organizations are committed to creating equitable policies and practices, having a culture that supports safe spaces is essential in getting to the most impactful solutions.

“Safety comes easy for a lot of our dominant groups or leaders with a certain title—but we should be aware that it’s not always there for our non-dominant groups,” said Nancy Li, Rapid7 Director of Engineering. “Be open to trying different forums where people can speak. Your loudest voices aren’t always representative of the whole population.”

So, what are some practices that we can take into the workplace to help create more equitable workplaces? Here are a few additional takeaways from the discussion.

  1. Grow your teams with intention. If you are a hiring manager, or in a role where you influence hiring, slow down and partner with your Talent Acquisition team to ensure you’re seeking out a diverse candidate pool right from the start. Ask questions about where they are sourcing talent, what schools and universities they are historically partnering with, and see if there are opportunities to incorporate more diversity into the talent pipeline. It doesn’t stop once someone gets hired either—mentoring and providing support can help them gain the skills necessary to continue to advance their careers. Build out a multi dimensional team, and be open to the ways that each member’s different experiences can help fuel the innovation and creativity of the team.
  2. Be an Upstander for One Another. Many women on the panel shared experiences of when another woman or a male ally stood up for them in the moment. What was shared was that once you feel the support of someone standing up for you by pointing out something that wasn’t right, it makes that person feel even more comfortable passing that support on and standing up for someone else. As stated by one group member, “After an upstander demonstrates how you should be treated—what a difference it makes in your confidence, and in your ability to be an upstander for someone else and pay that forward. Embrace it and then pass it on and use it to support someone else.”
  3. Recognize that progress is fragile—we cannot lose focus. While women have made significant advancements in the workplace, the COVID-19 pandemic illustrated just how fragile this progress can be, especially when many women still bear the brunt of caregiving. While panelists observed progress being made and the gender diversity of the teams around them, they also pointed out that post pandemic, many women who left the workforce still have yet to return. In fact, the US Department of Labor reported that more than two years post-pandemic, women’s labor participation is still a full percentage point lower than what it was pre-pandemic. This means that roughly 1 million women are missing from the labor force. Flexible working policies provide a way to ensure that employees are able to balance their personal commitments and caregiving responsibilities with their work responsibilities. Offering this flexibility to both men and women in the workplace takes this one step further, as it was noted that even policies that are not exclusively for women, have the ability to impact women elsewhere as families are able to share responsibilities more equally.
  4. We all have imposter syndrome. Imposter syndrome isn’t something that is limited to a specific pay band or job level. We are consistently our own toughest critic, and can sometimes feel like there is “someone else” who should be taking advantage of an opportunity or stepping up to take on a leadership role. To combat imposter syndrome,  the panel recommended  looking around the room to determine where your skills can add value, and not being afraid to share that. It was also mentioned that many women are quick to brush off compliments when they are recognized for their work. However, it takes a lot for someone to go out of their way and pay you a compliment, so when that happens, lean into it and really listen to that positive feedback. Those moments can really make an impact on what you believe you are capable of, and make it easier to overcome that feeling of imposter syndrome. Finally, the group stressed the importance of leveraging the resources available to you through your employer, whether it’s access to therapy services or an employee assistance program. Sometimes the key to overcoming imposter syndrome is having someone help us reframe the situation, and shift our perspective. There’s no shame in speaking with someone who is trained to help us navigate all stages of life and career.
  5. Use your voice. Even if it shakes. When paving the path to a more equitable world, things aren’t going to be easy or comfortable the whole time. Continue to speak up and speak out – both for yourself, and for others.

This panel discussion took place on March 8th, and through the month our Women Impact Group will continue to partner with the business to host open and honest conversations and opportunities for reflection and education. This includes an allyship training session hosted by both our Women’s Impact Group and our PRIDE Impact Group, with guests from PFLAG.

In our internal communication channels, we’re spotlighting women in our organization who are making a considerable impact on our business and customers, shining an extra spotlight on the work and accomplishments of our own women at Rapid7. In a fireside chat, “Celebrating Women’s Voices”, leaders shared their own experiences in the workplace and the importance of sharing our journeys and building each other up. From parenting challenges to advocating for yourself and others, to moments of self doubt, these personal stories are shared to emphasize the importance of hard conversations and navigating challenges.

While we remain committed to uplifting the voices and representation of women in our industry throughout the year, we’re proud to have our Rapid Impact Groups driving these events in March that spark important conversations and provide real resources and opportunities for connection and community for our people.

Click here to learn more about our Rapid Impact Groups, and our ongoing commitment to diversity at Rapid7.

Practice Operations Manager Looks Back On First Five Months With Rapid7

Post Syndicated from Rapid7 original https://blog.rapid7.com/2023/03/20/practice-operations-manager-looks-back-on-first-three-months-with-rapid7/

Practice Operations Manager Looks Back On First Five Months With Rapid7

Elianna Sfez is a Detection and Response Practice Operations Manager based in Rapid7’s Tel Aviv office. As she approaches her six month anniversary with the company, we sat down to chat about her new hire journey, initial impressions and experiences in her new role, Rapid7 culture, and more.

Tell me about your role at Rapid7.

I am the Threat Intelligence Practice Operations Manager. My main goal is to help our teams work more efficiently on cross functional projects, whether that’s within our specific practices or between practice teams. Most of the projects I deal with are aimed at supporting the customer experience and improving the customer journey. In my role, I look at everything from R&D to Customer Success and Product and look for ways to deliver the best experience and journey for our customers. Typically, that means identifying bottlenecks and looking for ways to make things better.

What made you excited to join Rapid7?

In my career, I’ve worked with a mix of true startups, as well as companies that were transitioning from the startup phase to a more mature corporation by way of acquisition. This specific type of growth is really interesting to me—seeing the transformation happen as they move from a small startup to a larger company. With Rapid7, I was excited about the challenge of the role. With the maturity of the company and its acquisition of IntSights, I was really excited to be part of navigating that change for the team and building out this new role in Tel Aviv.

What are the major differences you see between working in a startup environment vs. a more global corporation?

There are a lot of differences moving from a startup to a larger corporation, mostly in the way you work and the pressure of the environment. In a startup, you have to be very reactive and respond to challenges at any time—even if it means being up at 3:00 am to troubleshoot issues. There’s a ‘whatever it takes’ mentality and as you are trying to build something from the ground up. It’s important to get that momentum going and have the ability to wear a lot of different hats to solve challenges. The CTO is often right in the trenches with you, and everyone is working around the clock to keep the business moving forward.

As you get larger, you have to get better at being proactive and seeing that fire coming, and figuring out how to fix it before it becomes an issue. Cybersecurity is a field where this is really important because hackers are advancing every day. We’re challenging ourselves to anticipate what customers are going to need 6 months, a year, or two years from now, so we can continue to stay ahead. In a bigger company you have more resources and people who are able to be experts in their areas of focus. We have teams that we can rely on for their insights and expertise, and you aren’t on your own to solve problems. You have more of a support system to lean on and that also helps you grow and learn too.

How would you describe your onboarding experience?

My onboarding experience was interesting, mostly because I don’t have any team members locally in Israel. My manager is in the US and we’re truly a global team. Regardless, people were really welcoming and amazing each step of the way. It was nice to meet other new hires from around the world during the global onboarding sessions, and everyone in the local office was eager to learn more about what I do, and how they can help.

My manager created an onboarding project plan which was also really helpful. I got to see an overview of what my first week would look like, what my first month would look like, and felt confident knowing everything was set up already. There was a good mix of meetings on my calendar with people my manager wanted me to connect with, but I also had enough unscheduled time where I was encouraged to do my own outreach and determine who else I would want to connect with and learn from as well.

Having ownership in the process made it really exciting and gave me permission to ask questions and learn more about the business. My manager even asked me to think about three things I wanted to go and learn more about or become an expert in. That permission to grow and learn right from the start is really empowering in terms of creating your own career path.

What do you enjoy most about your role?

I enjoy the challenge of working with a global team to help build and improve on our customer experiences. I feel I am creating an impact, and that I have the support of the people around me. One thing I’ve found here is that even if someone doesn’t have an answer to your question, they are more than happy to help you find the right person or go find out and circle back with you. Everyone here has new ideas, and those ideas are really welcome. People are curious and ask the right questions to get to the root of a challenge, and there’s an appetite to keep trying new things to find solutions.

How would you describe R7 to someone outside the company?

Everyone has a shared goal of bringing more value to our customers. That alignment helps us all feel connected and committed to helping each other get to the best outcomes possible. It’s a big job and it takes a lot of work, but it also gives you an incredible opportunity to grow in a place where you are supported and encouraged to try new things.

How do the Rapid7 values influence workplace culture?

The company is really living their core values, it’s not just something that they promote externally. Everyone is expected to be transparent and open, and everyone is really supportive in helping you grow and do the best work possible.

When it comes to workplace flexibility, there’s a culture where everyone trusts one another to do what they need to do. As a mom, this means I’m able to leave early and pick up my son and then jump on after hours to wrap things up. I’m having my second child in April, and Rapid7 hired me while I was pregnant. All of my team members were so welcoming and wonderful about this. I’ve even recommended a friend to cover for my role while I’m on maternity leave.

I honestly can’t say enough good things about the culture of the company, the values they have, and the exciting and interesting work that’s being done. There’s an opportunity to do really incredible and impactful work, but also have that space to create balance in our lives without being judged or feeling guilty.

To learn more about opportunities available at Rapid7, visit: careers.rapid7.com.

Rapid7 CEO Corey E. Thomas Appointed To National Security Telecommunications Advisory Committee

Post Syndicated from Rapid7 original https://blog.rapid7.com/2023/02/16/rapid7-ceo-corey-e-thomas-appointed-to-national-security-telecommunications-advisory-committee/

Rapid7 CEO Corey E. Thomas Appointed To National Security Telecommunications Advisory Committee

President Biden has announced his intent to appoint a group of highly qualified and diverse industry leaders, including Rapid7 chairman & CEO Corey E. Thomas, to the President’s National Security Telecommunications Advisory Committee (NSTAC).

Rapid7 CEO Corey E. Thomas Appointed To National Security Telecommunications Advisory Committee

NSTAC’s mission is to to provide the best possible technical information and policy advice to assist the President and other stakeholders responsible for critical national security and emergency preparedness (NS/EP) services. The committee advises the White House on the reliability, security, and preparedness of vital communications and information infrastructure. It is focused on five key themes:

  • Strengthening national security
  • Enhancing cybersecurity
  • Maintaining the global communications infrastructure
  • Assuring communications for disaster response
  • Addressing critical infrastructure interdependencies and dependencies

Thomas joins a talented group of telecommunications and security executives from companies such as AT&T, Microsoft, Cisco, Lockheed Martin, T-Mobile, and Verizon. These executives bring diverse perspectives backed by years of unique industry experience.

“It is an extreme honor and privilege to be named to the President’s National Security Telecommunications Advisory Committee,” said Thomas. “I look forward to the remarkable opportunity to provide cybersecurity guidance to the President’s administration and to work alongside and learn from  this talented group of individuals, many of whom I’ve admired throughout my career.”

Rapid7 and USF: Building a diverse cybersecurity workforce is not optional

Post Syndicated from Rapid7 original https://blog.rapid7.com/2023/02/13/rapid7-and-usf-building-a-diverse-cybersecurity-workforce-is-not-optional/

Rapid7 and USF: Building a diverse cybersecurity workforce is not optional

By Raj Samani and Peter Kaes

Today marks an important day for Rapid7, for the state of Florida, and if we may be so bold, for the future of our industry. The announcement of a joint research lab between Rapid7 and the University of South Florida (USF) reaffirms our commitment to driving a deeper understanding of the challenges we face in protecting our shared digital space, while ushering in new talent to ensure that the cyber workforce of tomorrow is as diverse as the individuals who create the shared digital space we set out to protect.

With the Rapid7 Cybersecurity Foundation, we are proud to announce the opening of the Rapid7 Cyber Threat Intelligence Lab in Tampa, at USF.  We intend for the lab to be an integral component in real-time threat tracking by leveraging our extensive network of sensors, and incorporating this intelligence not only into our products and customers, but to make actionable indicators available to the wider community. This project also reaffirms our commitment to making cybersecurity more accessible to everyone through our support of research, disclosure, and open source, including projects such as Metasploit, Recog, and Velociraptor to name a few.

We believe that providing USF faculty and students this breadth of intelligence will not only support their journey in learning, but fundamentally provide a clearer path in determining areas to focus in their careers. We are hopeful that working side by side with Rapid7 analysts can help propel this journey, and enhance the meaningful research developed by the university.

As part of the commitment for this investment—and consistent with the guiding principles of the Rapid7 Cybersecurity Foundation—we intend to promote diversity within the cybersecurity workforce. In particular, we plan on opening doors to individuals from historically underrepresented groups within the cybersecurity workforce. With the objective to ensure that research projects are inclusive of those from all backgrounds, we are optimistic that not only will this introduce hands-on technical content to those who may not otherwise have such opportunities, but also, in the longer term, encourage greater diversity within the cybersecurity industry as a whole. We remain steadfast in our commitment to broadening the opportunities within cybersecurity to all those with a passion for creating a more secure and prosperous digital future.

We are deeply thankful to USF for their shared vision, and look forward to a partnership that benefits all students and faculty while producing actionable intelligence that can support the entire internet and the broader industry. Ultimately, the threatscape is such that we recognise no one organization can stop attackers on their own. This partnership remains part of our commitment to establish the relationships between private industry and partners that include academia.

Rapid7 Recognized on Bloomberg Gender Equality Index, Continues Commitments to Support DEI

Post Syndicated from Rapid7 original https://blog.rapid7.com/2023/02/07/rapid7-recognized-on-bloomberg-gender-equality-index-continues-commitments-to-support-dei/

Rapid7 Recognized on Bloomberg Gender Equality Index, Continues Commitments to Support DEI

For the fifth year in a row, Rapid7 is pleased to share that we’ve been included in the Bloomberg Gender Equality Index. The Gender Equality Index (GEI) recognizes publicly traded companies for being transparent in their commitment to gender equality. This includes how they score in areas such as talent pipeline and leadership, equal pay and gender pay parity, inclusive culture, anti-harassment policies, and more. Inclusion in the GEI for 2023 recognizes our commitment to transparency while building a workplace that enables every person to have the career experience of a lifetime.

Diversity, Equity, and Inclusion at Rapid7

We know that diversity of backgrounds and mindsets help us close gaps in experience and spark innovation. A deep commitment to Diversity, Equity, and Inclusion is core to the strength and success of our business. It empowers communities, makes our company healthier, and makes our customers more secure. It’s also, quite simply, the right thing to do.

Bring You is an initiative that builds on the focused efforts we started in 2018 to ensure that every employee—regardless of their ethnicity, gender, religion, or background—has the opportunity to thrive in their career and feel a sense of belonging within our community. More than just a set of goals, Bring You is using targeted investments to cultivate an increasingly diverse workforce as we continue to grow. While that overarching mission speaks to the essence of inclusion, Bring You highlights our focus on continuing to strengthen our gender and racial diversity in the organization in a measurable, impactful way.

In 2022, we celebrated the addition of three new employee resource groups, while bringing additional structure and resources to the existing three. The resource groups, referred to as our Rapid Impact Groups, are entirely driven by employees who serve as local leads, while being supported by the business. Today, these Rapid Impact Groups include:

  • Rapid7 Women: Supporting and advocating for women and female identifying individuals
  • Moose Mosaic: Supporting and advocating for our AAPI community
  • Moose Vets: Supporting and advocating for our veterans and former military community
  • Rapid7 Diversability and Neurodiversity: Aims to level the playing field by making the day-to-day experience of ALL employees equivalent in challenge level regardless of disability or neurodivergence
  • Rapid7 Pride: Supporting and advocating for our LGBTQIA+ community
  • Rapid7 Vibranium: Supporting and advocating for our Black and LatinX community

Click here to learn more about Diversity, Equity, and Inclusion at Rapid7, including our latest social good report.

Looking Ahead

One of our core values is: Never Done. We will continue to be transparent about progress and push forward to create more inclusive environments, build a workforce that reflects all communities present in the world, and create a culture committed to educating ourselves to better empathize and support one another.

In 2023, we will continue to challenge ourselves, leaning into additional programming, creating new ways for employees to build cultural competency and investing in more tools so we can continue to build teams that are dynamic, innovative, and more effective in driving positive customer outcomes.

We value visibility and being included in surveys such as the Bloomberg Gender Equality Index, as it allows us to measure the progress on our journey and be accountable, as a responsible leader in the Cybersecurity space.

Rapid7 Recognized on Bloomberg Gender Equality Index, Continues Commitments to Support DEI

A Customer Success Manager’s Journey to Cybersecurity

Post Syndicated from Rapid7 original https://blog.rapid7.com/2023/01/31/a-customer-success-managers-journey-to-cybersecurity/

A Customer Success Manager’s Journey to Cybersecurity

Originally planning to pursue a career in sports journalism, Blake Walters joined Rapid7 ready to roll up his sleeves and learn about an entirely new field—cybersecurity. Walters always had an interest in computer engineering. However, he craved the ability to connect with people and build relationships instead of working deep within coding.

Walters is a learner by nature and is not afraid to take on new challenges or face new risks. Living by the mindset, “If I don’t know, I will work to figure it out,” he began his journey as a recruiter in the technology space. This gave him a great opportunity to learn more about how software is built, which eventually led him to Customer Success, where he could build relationships with customers and help others.

Walters had his first personal brush with cybersecurity when a client he was working with, a small hospital, got hit with Wannacry ransomware in 2017. He became even more curious about cybersecurity as he witnessed firsthand the impact it had on his client.

A Customer Success Manager’s Journey to Cybersecurity

“You know what cybersecurity is and you know people get hacked all the time, but unless you are in it, you don’t realize the ins and outs of what that impact is,” he said. “There were 4-5 weeks where they couldn’t access hospital records, patient information, company files, ANYTHING. That’s a big challenge for a small hospital, or any company.”

From there, the stars aligned, and Walters was approached with an opportunity to join Rapid7. He noted that during his interview there was less emphasis on having a vast amount of cybersecurity knowledge. Instead, the focus was on his ability to build relationships and proactively use the resources provided by Rapid7 to build the industry knowledge needed to be successful in the role.

According to Walters, joining Rapid7 felt like he had finally found a place where he could do what he loved, while being supported in continuing to learn a new industry and grow his career.

“With cybersecurity, it doesn’t matter what you did yesterday. Hackers are changing all the time. If we aren’t also helping our customers evolve and improve their security over time, we are doing them a disservice,” he said. “That’s why Customer Success is so important. It doesn’t matter how good you’ve been in the past, it’s about how good you’re going to be moving forward. That is an exciting and motivating mindset to have.”

One of the biggest misconceptions about cybersecurity is that you need to have specific knowledge to break into the field. According to Walters, that was not his experience.  

Everyone has a day 1. You don’t wake up with knowledge of cybersecurity products,” he said. “If you are trying to break into the field, just start reading. There is plenty of information out there. Learn the basics, and then as you’re looking at companies and jobs, start tailoring your understanding of what that company does.”

In an environment where things change so rapidly, it is integral to have an open mind and willingness to adapt. In regard to Rapid7 specifically, Walters believes diversity is key to the company’s success.

“Having different types of people and backgrounds in an organization has a huge impact. It keeps you out of groupthink and lets people collaborate for a common good,” he said. “At Rapid7, that stood out to me early in the interview process. Everyone is challenging one another to be better. That’s what I was looking for in a company regardless of what industry or business it was.”

Overall, Walters wants others out there thinking about entering the cybersecurity space to know that with some effort, you can make it happen. Even without a technical background.

“Don’t be afraid to push yourself outside your comfort zone. I came into this with no cyber experience. It shows the ability of Rapid7 to take a risk on people who are willing to come in, devote themselves to learning and growth, put in the work, and make an impact,” he said. “It’s not about just finding a job, it’s about finding a home.”

To learn more about opportunities available at Rapid7, visit: careers.rapid7.com

Rapid7 Announces Global Days Off to Support Employees in 2023

Post Syndicated from Christina Luconi original https://blog.rapid7.com/2023/01/04/rapid7-announces-global-days-off-to-support-employees-in-2023/

Rapid7 Announces Global Days Off to Support Employees in 2023

On January 3rd, it was a little bit quieter than usual here at Rapid7. That’s because our offices were closed for our first of five Global Days Off for 2023.

Global Days Off are designed to encourage teams around the world to unplug and rest, enabling them to bring their best selves back to work. At Rapid7, we care for our employees and believe these days will enable our teams to rest and recharge together, so we can continue to create positive outcomes for customers.

We already offer generous or unlimited paid time off plans, as well as a high level of flexibility in how our people structure their days. However, we all recognize that it can be difficult to step away from our work, especially when that work is so impactful. Global Days Off are aimed at providing relief throughout the year.

Days are strategically placed throughout the year, either extending existing holidays or weekends, or providing much needed relief during stretches of the year without holidays. They provide an opportunity for our people to enjoy a day off without feeling the urge to “check in,” having to miss out on meetings, or sift through an overcrowded inbox upon their return.

We are in the process of creating an updated service schedule for shift teams that directly monitor and support customers, so everyone can enjoy time off without impacting our customers.  

We’ve always done our best to balance the well being of our team, while delivering the best outcomes for our customers—especially over the last few years.  By continuing to invest and align our people strategy and actions with our business goals, we are well positioned to create impact for our customers, our employees, and our industry.

If you’d like to learn more about the important and impactful work our teams are doing around the globe, check out our careers site.

Rapid7 Recognized as a Top Place to Work in for 11th Consecutive Year

Post Syndicated from Rapid7 original https://blog.rapid7.com/2022/12/12/rapid7-recognized-as-a-top-place-to-work-in-for-11th-consecutive-year/

Rapid7 Recognized as a Top Place to Work in for 11th Consecutive Year

On November 30th, 2022, Rapid7 was again recognized by The Boston Globe as a Top Place to Work in Massachusetts. This marks the 11th consecutive year Rapid7 has made the list, this time coming in at #3 in the large company category. Top Places to Work rankings are based on a Globe survey that measures worker opinions about their company’s direction, management, pay and benefits, culture, engagement, and more.

Christina Luconi, Chief People Officer at Rapid7, is proud that the company has maintained such a consistent place in one of the most prestigious workplace award programs in the region—especially as the company has grown and scaled over more than a decade.

“We started participating when Rapid7 had less than 100 employees. Since then, we’ve scaled the size categories from small, to medium, to large, and still maintained that ‘great place to work’ status,” she said. “Today, we have nearly 2,700 people in offices around the world, with 735 in our Boston headquarters.”

Luconi believes it’s more than office perks that keep people engaged and ensure long term company success. “The companies that stand the test of time as truly amazing places to work are those that unite employees around a shared mission of customer success,” she said. “From there, these organizations are able map their business strategy back to an environment where their people are inspired, motivated, and thrive.”

To create an environment that fosters innovation and success, Rapid7’s people development team empowers employees to take ownership of their career trajectory and goals. This includes programs at every stage of the employee lifecycle, from onboarding to management and leadership positions.

“Rapid7’s strong sense of core values, impactful company mission, and alignment between business and people strategy is what makes the company special,” said Luconi.

For more information about working at Rapid7, please visit our careers page.

Powerlifting in the Cybersecurity Skills Gap

Post Syndicated from Jake Godgart original https://blog.rapid7.com/2022/12/01/powerlifting-in-the-cybersecurity-skills-gap/

All the reasons

Powerlifting in the Cybersecurity Skills Gap

Is there too much to do with too little talent? If your SOC hasn’t been running smoothly in a while, there’s likely multiple reasons why. As a popular slang phrase goes these days, it’s because of “all the reasons.” Budget, talent churn, addressing alerts all over the place; you might also work in an extremely high-risk/high-attack-frequency industry like healthcare or media.

Because of “all these reasons” – and possibly a few more – you find yourself with a heavy load to secure. A load that possibly never seems to get lighter. Even when you land some truly talented security personnel and begin the onboarding process, more often these days it seems like a huge question mark if they’ll even be around in a year. And maybe the current cybersecurity skills gap is here to stay.

But that doesn’t mean there’s nothing you can do about it. It doesn’t mean you can’t be powerful in the face of that heavy load and attack frequency. By shoring up your current roster and strategizing how your talent could best partner with a managed detection and response (MDR) services provider, you might not have to simply settle for weathering the talent gap. You may find you’re saving money, creating new efficiencies, and activating a superpower that can help you lift the load like never before.

The hidden benefit

Let’s say retention isn’t a huge issue in your organization. As a manager, you try to stay upbeat, reinforce daily positivity, and show your gratitude for a job well done. If that’s truly the case, then more likely than not people enjoy working for you and probably stick around if they’re paid well and fairly for the industry average. So why not shore up that culture and confidence by:

  • Lightening the load: Remove the need to deal with most false positives and frequent alerts. If your people really do like working in your organization – even in the midst of a challenging talent gap – they enjoy their work/life balance. Challenging that balance by demanding longer hours to turn your employees into glorified button pushers will send the wrong message – and could send them packing to other jobs.  
  • Preventing burnout: Cybersecurity professionals have to begin somewhere, and likely in an entry-level position they’ll be dealing with lots of alerts and repetitive tasks while they earn valuable experience. But when faced with the increasing stress of compounding and repetitive incidents – whether false or not – experienced workers are more likely to think about ditching their current gig for something they consider better. Nearly 30% of respondents in a recent ThreatConnect survey cited major stress as a top reason they would leave a job.
  • Creating space to innovate: Everyone must deal with tedious alerts in some fashion throughout a career. However, skilled individuals should have the space to take on larger and more creative challenges versus something that can most likely be automated or handled by a skilled services partner. That’s why an MDR partner can be a force multiplier, providing value to your security program by freeing your analysts to do more so they can better protect the business.    

Retention just might be the reason

The last point above is one that’s more than fair to make. Freeing your individual team members to work on projects that drive the more macro view and mission of the security organization can be that force multiplier that drives high rates of retention. And that’s great!

The subsequent challenge, then, lies in finding that partner that can be an extension of your security team, a detection and response specialist that can field the alerts and focus on ridding your organization of repetitive tasks –  increasing the retention rate and creating space to innovate. Ensuring a great connection between your team and your service-provider-of-choice is critical. The provider will essentially become part of your team, so that relationship is just as important as the interpersonal dynamics of your in-house teams.

A provider with a squad of in-house incident response experts can help to speed identification of alerts and remediation of vulnerabilities. If you can partner with a provider who handles breach response 100% in-house – as opposed to subcontracting it – this can help to form closer bonds between your in-house team and that of the provider so you can more powerfully contain and eradicate threats.

Resources to help

To learn more about the process of researching and choosing a potential MDR vendor, check out the new Rapid7 eBook, 13 Tips for Overcoming the Cybersecurity Talent Shortage. It’s a deeper dive into the current cybersecurity skills gap and features steps you can take to address your own talent shortages or better partner with a services provider/partner. You can also read the previous entry in this blog series here.

Culture Fitness

Post Syndicated from Jake Godgart original https://blog.rapid7.com/2022/11/10/culture-fitness/

Culture Fitness

Have you checked in on the overall health of your team lately?

What would a new hire think of your current team?

Companies all over the world – particularly those of the higher-profile variety – tout their positive cultures and how great it is to be part of the team. This is especially true in the age of social media, when groups and teams within companies frequently post about what they’re doing to make the company a better place to work and move positive initiatives forward. But what a shrewd potential hire should really be looking for is a culture with true depth, not just a social media presence.

The United States Navy is a great practitioner and example of this true depth of culture in the way they recruit for the famed SEAL Team Six. New members aren’t chosen solely on past performance, even if they’re the best of the best. They’re chosen based on performance and their ability to be trusted, with even lower performers sometimes chosen due to the fact they can be trusted more so than others.

If a potential new hire – whose work history indicated high performance and high trust – was on interview number two or three and came in to meet with several members of your current team to get a feel for the overall culture, what would that person think at the conclusion of those meetings? With that consideration in mind, think about the culture of your current team and if it’s an environment that would attract or repel prospective talent.


Working in a SOC is quite different from working in a flower shop. It’s true that there are certain hallmarks of camaraderie that are repeatable across industries. But cybersecurity is different. Practitioners in our industry have an incredible responsibility on their shoulders. Some providers simply alert you to trouble – think of it like a fire department that alerts you that your house is on fire – but the best ones contain the threats. And the best ones are where talent wants to be. So, what are some tangible actions we know will make analysts consider your SOC a great and happy place to work?

  • Engage your team – This doesn’t have to be some sort of program with a name or anything official. Happy hours, coffee breaks, team lunches, conversations; this type of camaraderie may seem obvious, but it’s amazing how quickly team culture can fall by the wayside in favor of simply getting the work done and then going home. Even something like reserving the first 20 minutes of your regular Wednesday all-team check-in to talk about anything other than work can become something memorable your team looks forward to.
  • Put the human above the role – Even while everyone is heads down on an ETR, there’s always time to be motivational, positive, and celebrate the small wins. That doesn’t mean you have to throw a pizza happy hour every time your team does their jobs well, but positive reinforcement is a must. While everyone deserves a fair salary and to be compensated appropriately for their time and doing their job well, there are those talented individuals driven more by recognition for a job well done than by salary. And you don’t want to see those individuals begin to feel like just another cog in the machine – and then eventually leave.    
  • Commit to cybersecurity, not conflict – According to last year’s ESG Research Report, The Life and Times of Cybersecurity Professionals, those professionals find organizations most attractive that are actually committed to cybersecurity. 43% of individuals surveyed for the report stated that the biggest factor determining job satisfaction is business management’s commitment to strong cybersecurity. It’s great if you consider a candidate a strong fit, but how’s your team’s relationships with other teams? Would that candidate see themselves as a fit amongst those dynamics?  
  • Promote a healthy team with a healthy dose of DEI – In that same ESG report, 21% of survey respondents said that one of the biggest ways the cybersecurity skills shortage impacted their team was that their organization tended not to seek out qualified applicants with more diverse backgrounds; they simply wanted what they considered the perfect fit. Diversity, Equity, and Inclusion (DEI) should be something that attracts great talent and that is ultimately reflected in the culture. Candidates should feel they aren’t being sold a “false bill of goods.” Show them that everyone has an equal shot at opportunities, pay, and having a say in the actions of your SOC.

Implement and complement

It’s not an overnight thing to tweak certain aspects of your culture to address issues with your current team, nor is it a fast-ask to to attract great talent and retain them far into the future. Talking to your team, engaging them with tools like surveys and open dialogue can begin to yield an actionable plan that you can take all the way to the job listing and the words you use in it. The key to being successful is to be genuine in your approach to building a culture that is inclusive, engaging, and fun.

The culture fit can also extend to partnerships. If you’re thinking of engaging a managed services partner to help you fill certain holes in the cybersecurity skills gap that may be affecting your own organization, it’s important to thoroughly vet that vendor. Much like partnering with a new hire in the quest to thwart attackers, implementing a long-term partnership with a managed services provider can complement your existing SOC for years to come. But it has to be a good fit: Is the provider dependable? Is there a 24/7 number you can call when you need immediate assistance? Beyond that, do your companies share similar values and ethical concerns?

You can learn more in our new eBook, 13 Tips for Overcoming the Cybersecurity Talent Shortage. It’s a deeper dive into the current cybersecurity skills gap and features steps you can take to address talent shortages. It also considers your current culture and its ability to amplify voices so that, together, you can extinguish the most critical threats.

From Churn to Cherry on Top: How to Foster Talent in a Cybersecurity Skills Gap

Post Syndicated from Jake Godgart original https://blog.rapid7.com/2022/10/27/from-churn-to-cherry-on-top/

From Churn to Cherry on Top: How to Foster Talent in a Cybersecurity Skills Gap

The mythical (un)icorn pipeline

When it comes to building a cybersecurity talent pipeline that feeds directly into your company, there’s one go-to source for individuals who are perfectly credentialed, know 100% of all the latest technology, and will be a perfect culture-fit: Imaginationland.

Of course we all know that isn’t a real place, and that the sort of talent described above doesn’t really exist. It’s more about thoughtfully building a talent pipeline that benefits your specific organization and moves the needle for the company. The key word in that last sentence? Thoughtfully. Because it takes strategic planning, collaboration, and a thoughtful nature to source from educational institutions, LinkedIn groups, talent-that’s-not-quite-fully-baked-but-soon-could-be, and many other venues that may not be top-of-mind.

Identifying those venues and solidifying a pipeline/network will go a long way in preventing continuous talent churn and finding individuals who bring that special something that makes them the cherry on top of your team.    

The (un)usual places

Do you have a list? A few go-to places for sourcing talent? How old is that list? Do you have a feeling it might be extremely similar to talent-sourcing lists at other companies? It only takes relocating one letter in the word “sourcing” to turn it into “scouring.” As in, scouring the internet to find great talent. Not a word with 100%-negative connotation, but it implies that – after that open analyst req has been sitting on all the job sites for months – maybe now there’s a certain frantic quality to your talent search.

So if you’re going to scour, you may as well make it a smart scour. Targeting specific avenues on and offline is great, but targeting a specific profile for the type of person you hope will join your team…that can turn out to be not so great. Stay open; the person(s) you find may just surprise you. Start online with places like:

  • TryHackMe rooms
  • Comments sections
  • Twitter (yes, Twitter)

And, truly, give some thought to heading offline and scouring/scouting for talent in places like:

  • In-person conferences and events
  • The local CTF event
  • Someone on your IT team that wants to get into cybersecurity
  • Talking to members of your existing team
  • Bespoke recruiting events in talent hotbeds around the world      

And one last place to look: past interviewees. How long has it been since you interviewed that candidate who was almost the right fit? What if that person would now be a great fit? It can be a cyclical journey, so it’s a good idea to keep a list of candidates who impressed you, but didn’t quite make the cut at the time. Better yet, connect with these candidates on social media and periodically check in to see how they are growing their skills.

The (un)familiar fit

You have an idea of what sort of person you would like to see in that open role. But, what if that person never walks through your (real or virtual) door to interview? Will you close the role and just forget about it? Of course you won’t because your SOC likely needs talent – and sooner rather than later. If you don’t allow for some wiggle room in the requirements though, you may be in for an extended process of trying to fill that position.

So, what does that wiggle room look like? Let’s put it this way: If a candidate that matched all criteria on the job description suddenly walked through your door, would you forgo the interview and hire them on the spot? Hopefully not, because there are certain intangibles you should take into account. Yes, that person matches everything on the description, but do they really want to work for your business specifically? Because a bad hire that matches all the requirements on the description, well that can ultimately be more toxic than something who has the potential to live up to those requirements.

Building Diversity, Equity, and Inclusion (DEI) hiring practices into your program, and being thoughtful with the words you use when crafting job descriptions and the requirements listed on them can create the wiggle room that non-ideal candidates might need to feel invited to apply and interview.    

The un becomes the usual

That section header doesn’t refer to any one thing discussed above. It’s a collection of considerations and practices that aren’t “un” because they’re so irregular, rather because none of them are the first thing a hiring manager might think to do when looking to fill a role. One of these considerations may be the second or third thing that comes to mind. But, by making these hiring practices more of the “usual way” to secure talent for open roles, you may experience significantly less churn and find the individuals that become the cherry on top of your SOC.    

You can learn more in our new eBook, 13 Tips for Overcoming the Cybersecurity Talent Shortage. It’s a deeper dive into the current cybersecurity skills gap and features steps you can take to address it within your own organization.

How a Principal Engineer Made His Journey to Cloud Security With Rapid7

Post Syndicated from Tal Avissar original https://blog.rapid7.com/2022/09/13/how-a-principal-engineer-made-his-journey-to-cloud-security-with-rapid7/

How a Principal Engineer Made His Journey to Cloud Security With Rapid7

The first programming language I learned in my childhood was Pascal. I was 12 years old at the time, and I quickly developed a passion for technology.

From a young age, I always knew I wanted to learn engineering and computer science. I wanted to solve big design and architecture problems while building new products that would influence the many people using software every day. The idea that we can use technology to build better tools inspires me, and I get excited about finding ways to help people work more efficiently.

Cybersecurity is such an interesting field because of the unique challenges and complexities associated with it. With my prior knowledge and background in security fundamentals and algorithms, joining Rapid7 felt like an exciting opportunity to grow my career.

An approachable start to a new challenge

Starting a role in a new industry can feel overwhelming, but Rapid7 has provided me the tools to make it a successful transition.

I joined Rapid7 as a Principal Engineer within our Cloud Security team. When I joined, I had some background in cybersecurity and security. Upon joining, I was immediately supported with the training programs and learning materials that helped me get up to speed and understand the business in more detail.

As a new hire, I had an excellent onboarding experience. The onboarding program gave me the chance to experience the unique culture and values of Rapid7, while also learning more about our industry, products, and the evolving needs of our customers. With the right tools, programs, and culture, I felt supported from day 1 to begin learning and immerse myself into the business and culture.

What sets Rapid7 apart

There are a lot of things that make Rapid7 unique as an employer. The people who work here are incredibly smart and kind, and the company places emphasis on learning and development, which shows they care about their people. It’s important for me to be in an environment where the business and leaders support their teams and care about giving them the right resources and tools they need to do the job, while also growing their own skills and knowledge. In engineering, the team gets access to the tools and tech stack requirements needed to fulfill our work.

Since I joined the company, I have experienced the reward of seeing the direct impact of my work. Being able to work autonomously to get the job done while having opportunities to mentor and coach others around me has been extremely rewarding. I love having the freedom to be creative, learn, and innovate new solutions. As I continue to grow within my career, I look forward to my next step in achieving my MSC degree in computer science. Being in an organization where I am creating products from scratch and using a cutting-edge tech stack helps contribute toward this goal.

I’ve learned a lot by taking a new step in my career and moving to a cloud security company. For those who are looking to do the same, I have a few pieces of advice to help you be successful:

  • Have an attitude of learning and growth.
  • There are many certifications you can get that will help introduce you to cloud technology. Check out certifications for GCP, AWS, and Azure to get comfortable.
  • Research and explore advanced concepts of security, encryption, and attack models. There is a lot of exciting activity happening in cybersecurity, and learning more about the industry can fuel your interest and help you understand the importance and impact your work in this field can have.

Interested in joining Tal on the Cloud Security team at Rapid7? Explore our open roles.

Additional reading:


Get the latest stories, expertise, and news about security today.

5 Things Rapid7 Looks for in a BDR, and How We Spot Them

Post Syndicated from Rapid7 original https://blog.rapid7.com/2022/09/06/5-things-rapid7-looks-for-in-a-bdr-and-how-we-spot-them/

5 Things Rapid7 Looks for in a BDR, and How We Spot Them

Every successful organization has a great salesforce. At Rapid7, the Business Development Representative (BDR) Program is a huge source of talent for our sales organization. Some of our most successful salespeople come from the program. So, what is it?

The BDR Program at Rapid7 is an entry-level program that aims to provide early careerists the opportunity to kickstart their career and grow their selling skills. As a part of the program, new hires develop the skills to uncover opportunities with prospects and customers and partner with account executives to continue to expand their knowledge around the entirety of the sales cycle.

As we gear up to welcome another round of applicants, our Talent Acquisition Partner, Lauren Coloumbe, shares five things we look for in BDRs and how we spot them in the interview process.

5 Things Rapid7 Looks for in a BDR, and How We Spot Them
Lauren Coloumbe, Talent Acquisition Partner at Rapid7

1. An interest in the sales process

Sales gives you an opportunity to flex a lot of different problem-solving muscles. At Rapid7, we believe the key to solving problems effectively is through building strong relationships. Each customer has different needs and priorities, and building a relationship establishes trust and understanding that will help us learn more and determine how Rapid7 can meet those needs.

How we spot it: We’re looking for people who demonstrate a passion for problem-solving and are excited to build relationships. Sharing what you’re passionate about in your career and how a role in sales can help you use these skills is something we want to see.  

2. Interest in or curiosity about cybersecurity

You don’t have to be a subject matter expert, but showing an interest in our industry is a great way to help you stand out. Our lives are becoming more digital and connected every day. While that comes with a lot of excitement and efficiency, it also opens up a lot of new risks to our information and communities.

How we spot it: Think about real-life examples of cybersecurity threats around you every day and how impactful it can be to play a role in protecting not only our customers, but our communities at large. We love when candidates can make a personal connection to our mission or share something interesting they may have learned when conducting some initial industry research.  

3. People who are open to learning

We don’t expect you to come in with a ton of industry knowledge, but we do expect you to be prepared to learn, take direction, and ask thoughtful questions. As a BDR, you will be given a lot of opportunities for coaching and development. Being open to learning new things will help you grow and establish a strong foundation.

How we spot it: Natural curiosity drives opportunities for learning. Think of a time when you were especially curious about something or were put in a position where you had to learn a new skill or subject. The interview is also an opportunity for you to express your curiosity. Ask thoughtful questions and let us see your curiosity in action.

4. Team-oriented individuals

At Rapid7, selling is a team sport. You’ll have a group of people in your corner who are invested in your success and ready to lend a helping hand, and you’ll be encouraged to do the same when you get the opportunity. The more we partner together, the better outcomes we can create for our customers and for the company.

How we spot it: There’s nothing wrong with celebrating your wins, but how you got there and how you worked as part of a team are equally important. Share examples of how you worked as a team and either succeeded or failed together. Focus on the effort of the team and the collective impact rather than your own personal role in the process.

5. Challenging convention

Challenging convention means speaking up to share an idea when you feel it can benefit the team. This is a place where everyone is expected to check their ego at the door. This makes it easy for everyone to try new things, fail, learn, and try again. You don’t need to be a manager or a long-time employee to challenge convention, we all have an equal voice when it comes to creating positive customer outcomes.

How we spot it: Think of examples where you stood up for a new or different way of doing things. How did you challenge the status quo or share a new perspective that helped the final outcome?

Learn more about our BDR program and entry-level sales roles at Rapid7.

Additional reading:


Get the latest stories, expertise, and news about security today.

Leading the Way in Tampa

Post Syndicated from Julian Waits original https://blog.rapid7.com/2022/08/17/leading-the-way-in-tampa/

Leading the Way in Tampa

If you’ve been to the Tampa Bay area in recent years, you’ve probably noticed the significant tech industry expansion taking place in the Channel District. It’s an exciting time to be a part of the scene, and Rapid7 is smack in the middle. Being active in the Tampa Bay Chamber of Commerce is incredibly rewarding. I’ve personally been involved with the Chamber for more than a year, and I’ve witnessed first-hand their commitment to making Tampa Bay a vibrant, inclusive place to do business.

My next adventure with the Chamber involves becoming a part of its Leadership Tampa program — one of the oldest leadership programs in the country — which fulfills a mission to highlight the strengths of the Tampa Bay region and impact the community through various organized projects. Our 52-person group will also be collaborating with local not-for-profits to create strength in numbers.

We will continue building upon the diversity and inclusion efforts driven by previous Leadership Tampa members, as well as focus on the challenges of transportation, affordable housing, and inflation, among others. I’m looking forward to the many conversations and activities we will undertake as part of this initiative.


Get the latest stories, expertise, and news about security today.

Additional reading: