Rapid7 Incident Handler 

United States, Virginia, Arlington 

826647989

About the Role

In this role, you will:

• As a core duty, you will conduct investigations into a variety of malicious activity on workstations, servers, and in the cloud. You will investigate all levels of incidents, including Incident Response engagements in which you will provide analysis assistance to Rapid7’s Incident Responders.

• Prepare Incident Reports for each minor incident investigation you complete, which follow MITRE’s ATT&CK Framework and include your own forensic, malware, and root-cause analysis.

• Communicate with Customer Advisors regarding investigation findings, Requests For Information from clients, and remediation and mitigation recommendations.

• Communicate with other analysts to share new intelligence regarding tactics, techniques, and trends utilized by threat actors.

• Provide continuous input to Rapid7’s Threat Intelligence and Detection Engineering team regarding new detection opportunities.

• Assist in customer engagement opportunities pertaining to the function of your role in the MDR service as necessary.

• Participate in projects that directly relate to your role in an effort to increase positive customer outcomes.

• Utilize Rapid7’s world-class software and threat intelligence to identify potential compromises in customer environments as necessary.

The skills you’ll bring include:

• 1-2 years of experience in a cybersecurity related position (SOC and/or SIEM analysis experience preferred)

• Understanding of core operating system concepts in Windows, MacOS/Darwin, and Linux. This includes at least an understanding of common internal system tools and directory structures.

• A fundamental understanding of how threat actors utilize tactics such as lateral movement, privilege escalation, defense evasion, persistence, command and control, and exfiltration.

• Practical experience gained through CTF and HTB challenges, as well as personal or professional usage of common penetration testing tools such as Mimikatz, Metasploit modules, BloodHound, etc.

• Experience with hands-on analysis of forensic artifacts and/or malware samples.

• Passion for continuous learning and growth in the cybersecurity world.

• Effective collaboration within the SOC and between departments.

• Dedication to putting each customer’s needs and concerns at the forefront of all decision making.

Here, we’re building a dynamic workplace where everyone can have the career experience of a lifetime. We challenge ourselves to grow to our full potential. We learn from our missteps and celebrate our victories. We come to work every day to push boundaries in cybersecurity and keep our 11,000+ global customers ahead of whatever’s next.