Detection Operations Engineer

Posted 2 Days Ago
Be an Early Applicant
Prague
Hybrid
Mid level
Artificial Intelligence • Cloud • Information Technology • Sales • Security • Software • Cybersecurity
At Rapid7, we are on a mission to create a secure digital world for our customers, our industry, and our communities.
The Role
As a Detection Operations Engineer at Rapid7, you'll enhance the MDR service's detection library by assessing and refining detection capabilities, collaborating with various teams to improve security posture, and researching attacker behaviors. Your role involves conducting tests and developing rules to detect malicious activities across different environments.
Summary Generated by Built In

About the Team
Rapid7's Threat Intelligence & Detection Engineering (TIDE) team is built from the ground up to provide our customers with high-fidelity threat detections and alerting that limit threat actor dwell time and impact across our customers' ecosystems. Our TIDE team uses purposeful research, threat intelligence curation, observed malicious behavior, and informed collaboration to ensure that our detections evolve along with the ever-changing threat and technological landscape.
About the Role
As a Detection Operations engineer, you will be responsible for the upkeep and evaluation of the detection library for the MDR service.
Our team's mission is to empower excellence in our customer's security posture by continuously refining Rapid7's detection library, enhancing their effectiveness to swiftly identify incidents while reducing analyst strain.
Our vision is to lead with an unparalleled, state-of-the-art, and globally recognized detection library to set new standards in cybersecurity.
You will collaborate closely with the SOC and Data Science teams to identify patterns of activity to improve detections, assist with the creation of new data models, and constantly update the collective understanding of threats.
In addition, you will learn from IR engagements, SOC incidents, and a variety of other sources and apply that knowledge to inform new detections for use across our customer base.
You won't be alone in this endeavor, and your TIDE colleagues will be there to answer questions, provide guidance, and assist you as you develop.
In this role, you will:

  • Utilize Rapid7's world-class software and threat intelligence to improve the current InsightIDR detection library.
  • Collaborate closely with SOC Analysts, the Data Science team, Incident Response (IR) Consultants, Customer Advisors, and security researchers.
  • Assist in researching of attacker behaviors and techniques using information gathered from IR engagements, minor incidents and malicious activity discovered through various telemetry sources.
  • Conduct detection testing in a controlled environment.
  • Use a variety of skills to build rules that detect evil across network, endpoint and cloud services.


The skills you'll bring include:

  • 3+ years as a SOC Analyst/Incident Responder/Offensive security practice experience OR 2+ years of cyber threat intelligence/research/detection engineering experience.
  • A solid understanding of how threat actors utilize tactics such as lateral movement, privilege escalation, defense evasion, persistence, command and control, and exfiltration.
  • Experience with hands-on analysis of forensic artifacts and/or malware samples.
  • Effective collaboration between different teams.
  • Innovative problem solving mindset.
  • Strong ability to perform research (search for, organize, and evaluate information).
  • Strong written and verbal skills.


We know that the best ideas and solutions come from multi-dimensional teams. That's because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don't be shy - apply today.
About Rapid7
At Rapid7, we are on a mission to create a secure digital world for our customers, our industry, and our communities. We do this by embracing tenacity, passion, and collaboration to challenge what's possible and drive extraordinary impact.
Here, we're building a dynamic workplace where everyone can have the career experience of a lifetime. We challenge ourselves to grow to our full potential. We learn from our missteps and celebrate our victories. We come to work every day to push boundaries in cybersecurity and keep our 10,000 global customers ahead of whatever's next.
Join us and bring your unique experiences and perspectives to tackle some of the world's biggest security challenges.
#LI-SIM

What the Team is Saying

Priya
Sammi
Tara
John
Grace
The Company
HQ: Boston, MA
2,400 Employees
Hybrid Workplace
Year Founded: 2000

What We Do

We do this by embracing tenacity, passion, and collaboration to challenge what’s possible and drive extraordinary impact.

Here, we’re building a dynamic workplace where everyone can have the career experience of a lifetime. We challenge ourselves to grow to our full potential. We learn from our missteps and celebrate our victories. We come to work every day to push boundaries in cybersecurity and keep our 11,000+ global customers ahead of whatever’s next.

Why Work With Us

What makes us unique is how we embrace, model, and celebrate our core values. By challenging convention, being an advocate, creating impact together, always bringing our full selves, and recognizing that our work is never done, we are able to make an extraordinary impact on our business, our industry, and our own career growth.

Gallery

Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery

Rapid7 Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

Our default working model is hybrid, with employees working three days per week in the office. This approach underpins our commitment to flexibility and adaptability while supporting our dedication to development, teamwork and customer purpose.

Typical time on-site: 3 days a week
Company Office Image
HQBoston
Company Office Image
Arlington
Company Office Image
Austin, TX
Company Office Image
Belfast, GB
Company Office Image
Prague
Company Office Image
Reding, UK
Company Office Image
Tampa, FL
Learn more

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account