[Hiring] Incident Handler @Rapid7

Role Description

We are looking for people with a passion for investigation and forensic analysis to join our MDR SOC team at Rapid7. As an Incident Handler II, you will work side by side MDR SOC analysts and MDR Incident Responders to investigate incidents ranging from commodity malware to sophisticated threat actors.

As an Incident Handler II in Rapid7’s SOC, you will be responsible for investigating and analyzing malicious activity in a multitude of customer environments. You will be enabled to complete investigations scaling in complexity from account compromises and commodity malware infections to complex web server compromises and zero-day vulnerability exploitation.

In this role, you will:

• Conduct investigations into a variety of malicious activity on workstations, servers, and in the cloud.
• Investigate all levels of incidents, including Incident Response engagements.
• Own complex investigations that may need various levels of delegation, customer communication, documentation, and collaboration across teams.
• Be an escalation point for complex and advanced incidents.
• Communicate with Cybersecurity Advisors regarding investigation findings and remediation recommendations.
• Directly communicate with customers regarding investigation findings.
• Prepare Incident Reports for each minor incident investigation you complete.
• Communicate with other analysts to share new intelligence regarding tactics, techniques, and trends utilized by threat actors.
• Provide continuous input to Rapid7’s Threat Intelligence and Detection Engineering team.
• Assist in customer engagement opportunities pertaining to the function of your role.
• Participate in projects that directly relate to your role.
• Utilize Rapid7’s world-class software to triage and investigate alerts.

Qualifications

• 3-4 years of experience in a cybersecurity related position (SOC and/or SIEM analysis experience preferred).
• Dedication to putting each customer’s needs and concerns at the forefront of all decision making.
• Understanding of core operating system concepts in Windows, MacOS/Darwin, and Linux.
• Proficiency with analyzing forensic artifacts to determine root cause analysis in investigation.
• A fundamental understanding of how threat actors utilize tactics such as lateral movement, privilege escalation, defense evasion, persistence, command and control, and exfiltration.
• Effective verbal communication skills that foster collaboration between the MDR SOC and the Incident Response team.
• Strong written communication skills.
• Some experience with static and dynamic malware analysis.
• Passion for continuous learning and growth in the cybersecurity world.

Benefits

• Dynamic workplace where everyone can have the career experience of a lifetime.
• Opportunities for personal and technical innovation.
• Support for continuous learning and growth.

Company Description

At Rapid7, we are on a mission to create a secure digital world for our customers, our industry, and our communities. We do this by embracing tenacity, passion, and collaboration to challenge what’s possible and drive extraordinary impact.

• Protecting 11,500+ customers against bad actors and threats.
• Building a dynamic and collaborative workplace where new ideas are welcome.
• Continuing to push the envelope in cybersecurity for the past 20 years.