Do you enjoy being in the fight, investigating unusual activity, tearing apart malware, and chasing attackers in realtime? Do you pride yourself on
developing methods for identifying and analyzing breaches? Do you feel compelled to help organizations improve their abilities to effectively detect threats
and drive incident response?
About the team
Rapid7's Detection & Response Services team offers the opportunity to respond to active incidents, uncover previously unidentified breaches, and work
with clients to simulate full-scale incidents in their own environments. Our Incident Responders pride themselves on their ability to think critically, adapt to
constantly changing attack methodologies, deliver top-notch Incident Response services, and help our customers improve their programs.
About the role
Rapid7 Incident Responders split their time between reactive breach response cases - supporting Rapid7 customers, and others, in their greatest time of need,
and proactive customer engagements - delivering threat hunting and detection & response exercises with our customers' dedicated internal security teams.
Rapid7 aims to provide unparalleled work/life balance that allows talented experts to thrive in a reactive Incident Response setting. Incident Responders help
to impact the direction of Rapid7's Products and Services.
In this role, you will:
- Lead and support incident response engagements, from detection and containment through forensic analysis and remediation, while partnering with Incident Responders, MDR Analysts, and Customer Advisors
- Support proactive incident response service engagements, including compromise assessments and incident simulations
- Utilize Rapid7 technologies like InsightIDR and Velociraptor to deliver positive customer outcomes
- Deliver verbal and written updates and forensic reports to customers
- Assist in capturing and deploying knowledge of latest attacker methodologies with members of our Managed Threat Operations team and as part of Rapid7's Emergent Threat Response program
- Collaborate with peers and cross-team partners on process enhancements and documentation
- Participate in pre-sales conversations with prospective customers, Sales enablement sessions, webinars, and other business development opportunities
- Advise and mentor members of our MDR SOC and Managed Threat Operations teams
- Participate in an on-call rotation (after-hours/weekend), as required, to address incidents and maintain continuous coverage.
The skills you'll bring include:
- 1-2 years of hands-on, technical incident response experience
- 2-3 years of security analyst experience, preferably in a SOC or MSSP setting
- Strong technical experience in three of the five areas below
- Forensics (Windows / Mac / Linux)
- Network traffic analysis
- Log Review
- Malware triage
- Cloud technologies, including AWS, Azure, and GCP
- Strong verbal and written communication skills, in particular the ability to effectively communicate investigation findings and associated mitigation and remediation actions to technical and non-technical audiences
- Strong time management and prioritization skills in fast-paced situations
- Desire to continuously learn and grow from your peers and on the job experiences, with a willingness to share your knowledge
- Relevant industry certifications, such as, but not limited to: GCIA, GCIH, GDAT, GCFE, and GFCA
We know that the best ideas and solutions come from multi-dimensional teams. That's because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don't be shy - apply today.
About Rapid7
Rapid7 (NASDAQ: RPD) helps organizations across the globe protect what matters most so innovation can thrive in an increasingly connected world. Our comprehensive technology, services, and community-focused research simplify the complex for security teams, helping them reduce vulnerabilities, monitor
for malicious behaviour, be in 10 places at once, and shut down attacks. We're on a mission to make security solutions easier to use and access so we can
bring safety and resilience to more people.
With more than 10,000 customers across 140+ countries, Rapid7 is a leader in cybersecurity that has earned numerous industry accolades and recognition for
our technology and culture.
#LI-PB1
Top Skills
What We Do
We do this by embracing tenacity, passion, and collaboration to challenge what’s possible and drive extraordinary impact.
Here, we’re building a dynamic workplace where everyone can have the career experience of a lifetime. We challenge ourselves to grow to our full potential. We learn from our missteps and celebrate our victories. We come to work every day to push boundaries in cybersecurity and keep our 11,000+ global customers ahead of whatever’s next.
Why Work With Us
What makes us unique is how we embrace, model, and celebrate our core values. By challenging convention, being an advocate, creating impact together, always bringing our full selves, and recognizing that our work is never done, we are able to make an extraordinary impact on our business, our industry, and our own career growth.