Associate Detection & Response Analyst

extra holidays - extra parental leave
Work set-up: 
Full Remote
Contract: 
Experience: 
Entry-level / graduate
Work from: 

Offer summary

Qualifications:

Knowledge of Windows and Linux operating systems., Fundamental understanding of security concepts like lateral movement and privilege escalation., Security certifications such as GSEC, GCIH, CySA+, or Security+., Scripting or coding skills and participation in cybersecurity training events..

Key responsibilities:

  • Review alert data to identify malicious activity.
  • Conduct investigations and analyze evidence related to security incidents.
  • Write incident reports with findings and remediation recommendations.
  • Assist in threat detection, incident response, and knowledge sharing.

Rapid7 logo
Rapid7 Large https://r-7.co/3i5nlhP
1001 - 5000 Employees
See all jobs

Job description

Associate Detection&Response Analyst

We are seeking someone with a passion for cyber security to join our team. As a SOC Analyst with Rapid7 you will work with Rapid7’s advanced tools to investigate and triage high priority security events. Working with Rapid7’s Tactical Operations team (TACOPS) is an ideal opportunity to gain a deep understanding of threat detection and response. As part of this team you will be in the best position to develop the skills needed to build a career in cyber security. This is a hybrid role based in our Arlington, VA Security Operation Center.

About the Team


Rapid7 Managed Detection and Response (MDR) is built from the ground up to bring motivated and passionate security talent face to face with emerging threats, practical challenges, and evil at scale. Our MDR service uses an impact-driven mindset to focus efforts on effective solutions, encouraging personal and technical innovation within the SOC. MDR provides 24/7/365 monitoring, threat hunting, incident response, and more with a focus on endpoint detection and behavioral intelligence.

About the Role

Most days for Associate Analysts will consist of reviewing alert data to identify evil activity in customer environments. In these roles you will be empowered to steer investigations. Investigations include everything from evidence acquisition and analysis to figure out how the intrusion began to identify any malicious or unexpected activity related to the event. Based on this investigation you will be responsible for writing an incident report which includes your technical analysts, documented findings and remediation recommendations for customers. Your colleague, a Customer Advisor, will be responsible for direct communication with the customer. You will have fellow analysts who will be ready to help you if you encounter a problem or have a question, including Mid, Senior and Lead Analysts. In addition to live response, in the event of a security incident that rises to the level of a Remote Incident Response engagement, Associate Analysts may be tasked with performing investigation tasks related to the investigation. In this circumstance you will focus on helping a team track threat actor actions across an environment by examining forensic artifacts.

Additional information about our team and culture can be found here: https://www.rapid7.com/resources/soc-analysts/

To watch an Associate Analyst in action, check out this webinar: https://www.ultimatewindowssecurity.com/webinars/register.aspx?id=3710

Our Associate Analysts have also contributed to the identification of Zero-Day vulnerabilities: https://www.rapid7.com/blog/post/2022/04/14/cve-2022-28810-manageengine-adselfservice-plus-authenticated-command-execution-fixed/

In this role, you will:

  • Deliver world-class threat detection services using traditional threat intelligence-based detection and user behavior analytics

  • Conduct or assist with Rapid7 incident response investigations. 

  • Assist in capturing and deploying knowledge of attack methodologies

  • Provide continuous input to Rapid7 product development teams 

The skills and qualities you’ll bring include:

  • Knowledge of Windows, Linux operating systems

  • Fundamental knowledge of security concepts (lateral movement, privilege escalation, persistence methods, command and control, exfiltration, etc.)

  • Security Certifications (GFACT, GSEC, GCIA, GCIH, CySA+, CASP+, Security+, etc.)

  • Scripting/coding ability

  • Participation in CTF events

  • Participation in red team/blue team training tools such as HackTheBox, TryHackMe, and LetsDefend

  • Willingness to work on a shift schedule, including evenings and a Saturday or Sunday - The Rapid7 MDR SOC has a shift rotation which requires associate analysts to work a 4:3 schedule from 10 AM - 8 PM after a 90 day onboarding and training period. The shifts are from Sunday-Wednesday and Wednesday-Saturday.

  • Excited by technology with a passion for cybersecurity, curious and eager to learn and develop in a security role (Never Done)

  • Demonstrates a strong sense of responsiblity for protecting customer trust, making decisions that prioirtise security and impact (Be an Advocte / Customer Centric)

  • A collaborative team player who has the ability to partner successful with others to drive impact (Cross Functional Collaboration / Impact Together)

  • Demonstrates a strong sense of ownership, holding themself and others accountable to achieving outcomes that deliver value to our customers and internal teams (Accoutability)

  • The attitude and ability to thrive in a high-growth, evolving environment (navigating change and ambiguity)

  • Ability to make transparent, well-communicated, and efficient decisions under pressure, with careful consideration of risk and impact (Decision-making)

  • Core Value Embodiment: Embody our core values to foster a culture of excellence that drives meaningful impact and collective success. 


We know that the best ideas and solutions come from multi-dimensional teams. That’s because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don’t be shy - apply today.

About Rapid7

At Rapid7, we are on a mission to create a secure digital world for our customers, our industry, and our communities. We do this by embracing tenacity, passion, and collaboration to challenge what’s possible and drive extraordinary impact.

Here, we’re building a dynamic workplace where everyone can have the career experience of a lifetime. We challenge ourselves to grow to our full potential. We learn from our missteps and celebrate our victories. We come to work every day to push boundaries in cybersecurity and keep our 11,000+ global customers ahead of whatever’s next.

Join us and bring your unique experiences and perspectives to tackle some of the world’s biggest security challenges.

#LI-MV1

Required profile

Experience

Level of experience: Entry-level / graduate
Spoken language(s):
English
Check out the description to know which languages are mandatory.

Other Skills

  • Decision Making
  • Accountability
  • Collaboration
  • Adaptability

Related jobs