The Associate Detection and Response Analyst investigates security alerts using SIEM tools, analyzes incidents, and provides reports and recommendations. They work in shifts and collaborate with more experienced analysts.
Associate Managed Detection & Response (MDR) Analyst
Rapid7's Tactical Operations team (TACOPS) is responsible for handling the most time-critical tasks for all customers, such as the investigation and triage of high priority security alerts using our cloud hosted SIEM, InsightIDR. This team is composed of Managed Detection & Response Analysts who work on the following shift schedules (there is no night shift for U.S. analysts at Rapid7!). Rapid7 offers a flexible work environment; Associate Analysts are required to work in our SOC two days per week, one of which is typically Wednesday.
Shift A: Sunday-Wednesday from 10am-8pm ET
Shift B: Wednesday-Saturday from 10am-8pm ET
About the Role
Most days for Associate Analysts will consist of reviewing alert data to identify evil activity in customer environments. In these roles you will be empowered to steer investigations. Investigations include everything from evidence acquisition and analysis to figure out how the intrusion began to identify any malicious or unexpected activity related to the event. Based on this investigation you will be responsible for writing an incident report which includes your technical analysts, documented findings and remediation recommendations for customers. Your customer advisor colleagues will be largely responsible for direct communication with the customer. You will have fellow analysts who will be ready to help you if you encounter a problem or have a question, including Mid, Senior and Lead Analysts.
In the event of a security incident that rises to the level of a Remote Incident Response engagement, Associate Analysts may be tasked with performing investigation tasks related to the investigation. In this circumstance you will focus on helping a team track threat actor actions across an environment by examining forensic artifacts.
Additional information about our team and culture can be found here:
https://www.rapid7.com/resources/soc-analysts/
The skills you'll bring include:
Preferred
#LI-JM2
About Rapid7
At Rapid7, our vision is to create a secure digital world for our customers, our industry, and our communities. We do this by harnessing our collective expertise and passion to challenge what's possible and drive extraordinary impact. We're building a dynamic and collaborative workplace where new ideas are welcome.
Protecting 11,000+ customers against bad actors and threats means we're continuing to push the envelope just like we' ve been doing for the past 20 years. If you 're ready to solve some of the toughest challenges in cybersecurity, we're ready to help you take command of your career. Join us.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or any other status protected by applicable national, federal, state or local law.
Rapid7's Tactical Operations team (TACOPS) is responsible for handling the most time-critical tasks for all customers, such as the investigation and triage of high priority security alerts using our cloud hosted SIEM, InsightIDR. This team is composed of Managed Detection & Response Analysts who work on the following shift schedules (there is no night shift for U.S. analysts at Rapid7!). Rapid7 offers a flexible work environment; Associate Analysts are required to work in our SOC two days per week, one of which is typically Wednesday.
Shift A: Sunday-Wednesday from 10am-8pm ET
Shift B: Wednesday-Saturday from 10am-8pm ET
About the Role
Most days for Associate Analysts will consist of reviewing alert data to identify evil activity in customer environments. In these roles you will be empowered to steer investigations. Investigations include everything from evidence acquisition and analysis to figure out how the intrusion began to identify any malicious or unexpected activity related to the event. Based on this investigation you will be responsible for writing an incident report which includes your technical analysts, documented findings and remediation recommendations for customers. Your customer advisor colleagues will be largely responsible for direct communication with the customer. You will have fellow analysts who will be ready to help you if you encounter a problem or have a question, including Mid, Senior and Lead Analysts.
In the event of a security incident that rises to the level of a Remote Incident Response engagement, Associate Analysts may be tasked with performing investigation tasks related to the investigation. In this circumstance you will focus on helping a team track threat actor actions across an environment by examining forensic artifacts.
Additional information about our team and culture can be found here:
https://www.rapid7.com/resources/soc-analysts/
The skills you'll bring include:
- 0-2 years of experience
- A passion for cybersecurity
- Problem solving, critical thinking, and ingenuity.
- A keen curiosity and excitement to learn
- Willingness to work on a shift schedule, including evenings and a Saturday or Sunday
- The Rapid7 MDR SOC has a shift rotation which requires associate analysts to work a 4:3 schedule from 10 AM - 8 PM after a 90 day onboarding and training period. The shifts are from Sunday-Wednesday and Wednesday-Saturday.
- Knowledge of Windows, Linux operating systems
- Fundamental knowledge of security concepts gained either through education, work as a systems administrator or from any of the preferred requirements below (lateral movement, privilege escalation, persistence methods, command and control, exfiltration, etc.). While Helpdesk IT experience alone may provide working knowledge of hardware, it is not necessarily applicable to this role and cybersecurity.
Preferred
- Security Certifications (GFACT, GSEC, GCIA, GCIH, CySA+, CASP+, Security+, etc.)
- Scripting/coding ability
- Participation in CTF events
- Participation in red team/blue team training tools such as HackTheBox, TryHackMe, and LetsDefend
We know that the best ideas and solutions come from multi-dimensional teams. That's because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don't be shy - apply today.
#LI-JM2
About Rapid7
At Rapid7, our vision is to create a secure digital world for our customers, our industry, and our communities. We do this by harnessing our collective expertise and passion to challenge what's possible and drive extraordinary impact. We're building a dynamic and collaborative workplace where new ideas are welcome.
Protecting 11,000+ customers against bad actors and threats means we're continuing to push the envelope just like we' ve been doing for the past 20 years. If you 're ready to solve some of the toughest challenges in cybersecurity, we're ready to help you take command of your career. Join us.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or any other status protected by applicable national, federal, state or local law.
Top Skills
Insightidr
Linux
Windows
Similar Jobs at Rapid7
Artificial Intelligence • Cloud • Information Technology • Sales • Security • Software • Cybersecurity
As a Penetration Testing Analyst, you'll perform technical testing on networks and applications, create detailed reports, and assist clients with their security posture.
Top Skills:
AssemblyCC++JavaPHPPythonRuby
Artificial Intelligence • Cloud • Information Technology • Sales • Security • Software • Cybersecurity
As a Senior Product Manager, you will define strategy for Managed CTEM, leading the product lifecycle and collaborating with teams to bring innovative security solutions to market.
Top Skills:
Attack Surface ManagementCtem FrameworksCybersecurityVulnerability Management
Artificial Intelligence • Cloud • Information Technology • Sales • Security • Software • Cybersecurity
The Account Executive will drive new and existing sales in Federal Civilian accounts, leveraging industry knowledge, collaborating with cross-functional teams, and providing strategic solutions. Responsibilities include quota attainment, relationship building, and effective communication with stakeholders.
Top Skills:
6SenseGongLinkedin Sales NavigatorSalesforceZoominfo
What you need to know about the Colorado Tech Scene
With a business-friendly climate and research universities like CU Boulder and Colorado State, Colorado has made a name for itself as a startup ecosystem. The state boasts a skilled workforce and high quality of life thanks to its affordable housing, vibrant cultural scene and unparalleled opportunities for outdoor recreation. Colorado is also home to the National Renewable Energy Laboratory, helping cement its status as a hub for renewable energy innovation.
Key Facts About Colorado Tech
- Number of Tech Workers: 260,000; 8.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Lockheed Martin, Century Link, Comcast, BAE Systems, Level 3
- Key Industries: Software, artificial intelligence, aerospace, e-commerce, fintech, healthtech
- Funding Landscape: $4.9 billion in VC funding in 2024 (Pitchbook)
- Notable Investors: Access Venture Partners, Ridgeline Ventures, Techstars, Blackhorn Ventures
- Research Centers and Universities: Colorado School of Mines, University of Colorado Boulder, University of Denver, Colorado State University, Mesa Laboratory, Space Science Institute, National Center for Atmospheric Research, National Renewable Energy Laboratory, Gottlieb Institute
