Expoint - all jobs in one place

Finding the best job has never been easier

Limitless High-tech career opportunities - Expoint

Rapid7 Detection Operations Engineer 
United States, Virginia, Arlington 
690549898

30.06.2024

About the Role

In addition, you will learn from IR engagements, SOC incidents, and a variety of other sources and apply that knowledge to inform new detections for use across our customer base. You won't be alone in this endeavor, and your TIDE colleagues will be there to answer questions, provide guidance, and assist you as you develop.

In this role, you will:

  • Utilize Rapid7’s world-class software and threat intelligence to improve the current InsightIDR detection library

  • Collaborate closely with SOC Analysts, the Data Science team, Incident Response (IR) Consultants, Customer Advisors, and security researchers

  • Assist in researching of attacker behaviors and techniques using information gathered from IR engagements, minor incidents and malicious activity discovered through various telemetry sources

  • Conduct detection testing in a controlled environment

  • Use a variety of skills to build rules that detect evil across network, endpoint and cloud services

The skills you’ll bring include:

  • 3+ years as a SOC Analyst/Incident Responder/Offensive security practice experience OR 2+ years of cyber threat intelligence/research/detection engineering experience

  • A solid understanding of how threat actors utilize tactics such as lateral movement, privilege escalation, defense evasion, persistence, command and control, and exfiltration

  • Experience with hands-on analysis of forensic artifacts and/or malware samples

  • Effective collaboration between different teams

  • Innovative problem solving mindset

  • Strong ability to perform research (search for, organize, and evaluate information)

  • Strong written and verbal skills

Here, we’re building a dynamic workplace where everyone can have the career experience of a lifetime. We challenge ourselves to grow to our full potential. We learn from our missteps and celebrate our victories. We come to work every day to push boundaries in cybersecurity and keep our 11,000+ global customers ahead of whatever’s next.