We are seeking highly skilled individuals with a passion for investigation and forensic analysis to join our Managed Detection and Response (MDR) Melbourne SOC team.
About the Team
Rapid7 MDR is designed to bring motivated and passionate security talent face to face with emerging threats, practical challenges, and malicious activity at scale. Our MDR service uses an impact-driven mindset to focus efforts on effective solutions, encouraging personal and technical innovation within the SOC. MDR provides 24/7/365 monitoring, threat hunting, incident response, and more with a focus on endpoint detection and behavioral intelligence.
About the Role
As a Rapid7 MDR Senior Detection and Response Analyst, you will serve as a subject matter expert in the operations of the Rapid7 Managed Detection and Response Security Operations Center. You will excel at conducting alert triage and investigation, forensic artifact analysis, and utilizing tools to gather critical information. If necessary, you will seek additional data and collaborate with team members to obtain it. You will assist with incident response engagements, prepare client deliverables, and communicate with clients regarding these deliverables. You will continuously review operational processes for improvement and be willing to implement changes when needed. Additionally, you will provide mentoring opportunities for other analysts and share your expertise with the SOC team.
The MDR SOC performs live response and conducts threat hunting on a monthly basis. Threat hunting involves identifying unknown threats within customer environments. In the event of a security incident requiring Remote Incident Response, you may participate in investigation tasks related to the incident. In this case, you will help track threat actor actions across the environment by analyzing forensic artifacts.
In this role, you will:
* Utilize Rapid7's advanced software and threat intelligence to identify potential compromises in customer environments as necessary.
* Conduct investigations into various forms of malicious activity on workstations, servers, and in the cloud. You will investigate all levels of incidents, including those that require Incident Response engagement where you will provide analysis assistance to Rapid7's Incident Response team.
* Prepare Incident Reports for each minor incident investigation completed, following the MITRE ATT&CK Framework and incorporating your own forensic, malware, and root-cause analysis.
* Communicate with Customer Advisors regarding investigation findings, Requests For Information from clients, and remediation and mitigation recommendations.
* Share new intelligence with other analysts regarding tactics, techniques, and trends utilized by threat actors.
* Provide continuous input to Rapid7's Threat Intelligence and Detection Engineering team regarding new detection opportunities.
* Assist in customer engagement opportunities pertaining to the function of your role in the MDR service as necessary.
The skills required include:
* A minimum of 5 years of experience in a cybersecurity-related position (SOC and/or SIEM analysis experience preferred)
* A deep understanding of core operating system concepts in Windows, MacOS/Darwin, and Linux.
* An understanding of investigative methodology and the incident response lifecycle, cyber killchain, etc. This includes knowing what questions to ask to initiate an investigation and being able to locate relevant information regardless of the technology stack used.
* A fundamental understanding of how threat actors utilize tactics such as lateral movement, privilege escalation, defense evasion, persistence, command and control, and exfiltration.
* A willingness to work on a shift schedule, including evenings and weekends.
* Practical experience gained through CTF and HTB challenges, as well as personal or professional usage of common penetration testing tools such as Mimikatz, Metasploit modules, BloodHound, etc.
* Experience with hands-on analysis of forensic artifacts and/or malware samples.
* A passion for cybersecurity and a commitment to continuous learning and growth.
* Problem-solving, critical thinking, ingenuity, and a keen curiosity to learn.
* Effective communication skills to facilitate cross-functional collaboration within the SOC and between departments.
* A dedication to prioritizing each customer's needs and concerns in all decision-making processes.
Rapid7 values diversity and inclusion. We strive to create a workplace where everyone can grow and thrive. If you're excited about this role and believe your experience can make a meaningful impact, please don't hesitate to apply.
About Rapid7
Rapid7 is committed to creating a secure digital world for our customers, industry, and communities. We achieve this by embracing tenacity, passion, and collaboration to challenge what's possible and drive extraordinary impact.
We're building a dynamic workplace where everyone can have the career experience of a lifetime. We challenge ourselves to grow to our full potential, learn from our mistakes, and celebrate our successes. We come to work every day to push boundaries in cybersecurity and keep our global customers ahead of whatever's next.