Detection & Response Analyst

We are looking for people with a passion for investigation and forensic analysis to join our MDR SOC team at Rapid7. As an Associate Detection & Response Analyst, you will utilise Rapid7's advanced tools to investigate and triage security events and work side-by-side with Rapid7's Incident Response team to investigate incidents ranging from commodity malware to sophisticated threat actors. As a SOC analyst you will have the opportunity to impact this team while building your career and expertise with a globally recognised cyber security company.
About the Team
Rapid7's Managed Detection and Response (MDR) team is built from the ground up to bring motivated and passionate security talent face to face with emerging threats, practical challenges, and evil at scale. Our MDR service uses an impact-driven mindset to focus efforts on effective solutions, encouraging personal and technical innovation within the SOC. MDR provides 24/7/365 monitoring, threat hunting, incident response, and more with a focus on endpoint detection and behavioral intelligence.
About the Role
As a Detection and Response Analyst in Rapid7's SOC, you will be responsible for identifying and analyzing malicious activity in a multitude of customer environments. You will be enabled to complete investigation scaling in complexity from simple account compromises and commodity malware infections, to complex web server compromises and zero-day vulnerability exploitation. Your Customer Advisor colleagues will be responsible for direct communication with the customers, enabling you to dedicate your efforts to analysis. Your fellow analyst colleagues will be available to answer questions, provide guidance, and assist you in investigations if you need help. Specifically, your focus will be to:

• Perform alert triage and investigation
• Provide incident handling support for major incident response efforts
• Respond to inbound customer requests
• Proactively tune and refine detection rules to reduce false positives and ensure high fidelity detection of threats

The skills and qualities you'll bring include:

• Clearly and concisely articulates information, adapting messages for technical and non-technical audiences.
• Assesses available information quickly and makes sound, timely judgments under pressure during critical situations.
• Takes ownership of tasks, sees investigations through to completion, and accepts responsibility for outcomes and actions.
• Understanding of core operating system concepts in Windows, MacOS/Darwin, and Linux. This includes at least a basic understanding of common internal system tools and directory structures.
• A fundamental understanding of how threat actors utilize tactics such as lateral movement, privilege escalation, defense evasion, persistence, command and control, and exfiltration.
• Practical experience gained through CTF and HTB challenges, as well as personal or professional usage of common penetration testing frameworks and tools.
• Experience with hands-on analysis of forensic artifacts and/or malware samples.
• Passion for continuous learning and growth in the cybersecurity world.
• Effective collaboration within the SOC and between departments.
• Dedication to putting each customer's needs and concerns at the forefront of all decision making.
• Embody our core values to foster a culture of excellence that drives meaningful impact and collective success.

We know that the best ideas and solutions come from multi-dimensional teams. That's because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don't be shy - apply today.
#LI-MV1
About Rapid7
At Rapid7, our vision is to create a secure digital world for our customers, our industry, and our communities. We do this by harnessing our collective expertise and passion to challenge what's possible and drive extraordinary impact. We're building a dynamic and collaborative workplace where new ideas are welcome.
Protecting 11,000+ customers against bad actors and threats means we're continuing to push the envelope just like we' ve been doing for the past 20 years. If you 're ready to solve some of the toughest challenges in cybersecurity, we're ready to help you take command of your career. Join us.