Principal Endpoint Security Specialist

About the Team
Our Product & Engineering team drives innovation, building award-winning security solutions that help 10,000+ organizations assess risk, detect threats, and automate security. Using cutting-edge tech and research, we develop and enhance products across vulnerability management, detection, automation, cloud security, and pentesting.
About the role
We are seeking a Principal Endpoint Security Engineer with deep expertise in endpoint security, detection engineering, and automation to join our team at Rapid7 in Prague.
This role is pivotal in ensuring that our Endpoint Prevention (EPP) solution delivers maximum value to our customers, requiring a blend of technical, analytical, and engineering skills.
As a Principal Engineer, you will work closely with SOC Analysts within our MDR service, Detection Engineering, Product and Engineering teams to fine-tune detection and prevention rules, optimize alert triaging, and drive automation.
Your deep knowledge of low-level operating system internals (Windows, primarly) and software development will be critical in strengthening our threat detection, response, and prevention capabilities.
Requirements:

• 10+ years of experience in endpoint security, detection engineering, and/or threat intelligence.
• Expertise in Windows internals (kernel mode, APIs, memory management, process injection, etc.). Similar expertise with additional operating systems are an advantage.
• Proficiency in C/C++, Python, or another relevant programming language for security tool developent.
• Experience working closely with SOC teams, detection engineers, and product teams to enhance secuity solutions.
• Strong knowledge of malware analysis, threat detection, and EDR/EPP solutions.
• Ability to analyze attack techniques (MITRE ATT&CK) and improve detection logic.
• A strategic mindset to balance detection effectiveness with operational efficiency.
• Excellent problem-solving and communication skills, with the ability to work cross-functionally.

Responsibilities:

• Enhance Rapid7's EPP and detections solutions by developing and optimizing detection, exclusion, and prevention rules.
• Work closely with Engineering and MDR SOC Analysts to refine alert triaging and automation for more effective incident response.
• Collaborate with Detection Engineering and Engineering teams to integrate advanced threat detection capabilities into our solutions.
• Follow low-level forensic analysis and malware research to strengthen prevention and detection strategies.
• Automate security processes to improve response times and reduce operational overhead.
• Contribute to threat intelligence efforts, helping to identify, track, and neutralize evolving threats.
• Provide technical leadership, mentoring engineers, and helping shape the future of endpoint security at Rapid7.

About Rapid7
At Rapid7, we are on a mission to create a secure digital world for our customers, our industry, and our communities. We do this by embracing tenacity, passion, and collaboration to challenge what's possible and drive extraordinary impact.
Here, we're building a dynamic workplace where everyone can have the career experience of a lifetime. We challenge ourselves to grow to our full potential. We learn from our missteps and celebrate our victories. We come to work every day to push boundaries in cybersecurity and keep our 10,000 global customers ahead of whatever's next.
Join us and bring your unique experiences and perspectives to tackle some of the world's biggest security challenges.
Security and Compliance
Rapid7 is committed to keeping customers secure. As a first line of defense, all employees are expected to uphold the highest standards of security and privacy, ensuring the protection of sensitive information and compliance with relevant regulation s.
#LI-JG