Associate Detection & Response Analyst - MDR

We are seeking someone with a passion for cyber security to join us in Melbourne. As a SOC Analyst with Rapid7 you will work with Rapid7's advanced tools to investigate and triage high priority security events. Rapid7's SOC are responsible for our APAC customers as part of our global 24/7 managed services. As an experienced SOC analyst you will have the opportunity to impact this team while building your career and expertise with a globally recognised cyber security company.
About the Team
Rapid7 Managed Detection and Response (MDR) is built from the ground up to bring motivated and passionate security talent face to face with emerging threats, practical challenges, and evil at scale. Our MDR service uses an impact-driven mindset to focus efforts on effective solutions, encouraging personal and technical innovation within the SOC. MDR provides 24/7/365 monitoring, threat hunting, incident response, and more with a focus on endpoint detection and behavioural intelligence.
This team is composed of Managed Detection & Response Analysts who work on the following shift schedules.
Shift A: Sunday-Wednesday from 9am-7pm ET
Shift B: Wednesday-Saturday from 9am-7pm ET
About the role
Most days for Associate Analysts will consist of reviewing alert data to identify malicious activity in customer environments. In these roles you will be empowered to steer investigations, which include everything from evidence acquisition and analysis, to figuring out how the intrusion began to identify any malicious or unexpected activity related to the event. Based on this investigation you will be responsible for writing an incident report which includes your technical analysis, documented findings and remediation recommendations for customers. Your customer advisor colleagues will be largely responsible for direct communication with the customer. You will have fellow analysts who will be ready to help you if you encounter a problem or have a question, including Mid, Senior and Lead Analysts.
In the event of a security incident that rises to the level of a Remote Incident Response engagement, Associate Analysts may be tasked with performing investigation tasks related to the investigation. In this circumstance you will focus on helping a team track threat actor actions across an environment by examining forensic artifacts.
Additional information about our team and culture can be found here:
https://www.rapid7.com/resources/soc-analysts/
To watch an Associate Analyst in action, check out this webinar: https://www.ultimatewindowssecurity.com/webinars/register.aspx?id=3710
Our Associate Analysts have also contributed to the identification of Zero-Day vulnerabilities: https://www.rapid7.com/blog/post/2022/04/14/cve-2022-28810-manageengine-adselfservice-plus-authenticated-command-execution-fixed/
Job Requirements:

• 0-2 years of experience
• A passion for cybersecurity
• Problem solving, critical thinking, and ingenuity.
• A keen curiosity and excitement to learn
• Willingness to work on a shift schedule, including evenings and a Saturday or Sunday
  
  • The Rapid7 MDR SOC has a shift rotation which requires associate analysts to work a 4:3 schedule from 9AM - 7PM after a 90 day onboarding and training period. The shifts are from Sunday-Wednesday and Wednesday-Saturday

• Knowledge of Windows, Linux operating systems
• Fundamental knowledge of security concepts gained either through education, work as a systems administrator or from any of the preferred requirements below (lateral movement, privilege escalation, persistence methods, command and control, exfiltration, etc.).

Preferred

• Security Certifications (GFACT, GSEC, GCIA, GCIH, CySA+, CASP+, Security+, etc.
• Scripting/coding ability
• Participation in CTF events
• Participation in red team/blue team training tools such as HackTheBox, TryHackMe, and LetsDefend

About Rapid7
Rapid7 is creating a more secure digital future for all by helping organizations strengthen their security programs in the face of accelerating digital transformation. Our portfolio of best-in-class solutions empowers security professionals to manage risk and eliminate threats across the entire threat landscape from apps to the cloud to traditional infrastructure to the dark web. We foster open source communities and cutting-edge research-using these insights to optimize our products and arm the global security community with the latest in attacker methods. Trusted by more than 10,000 customers worldwide, our industry-leading solutions and services help businesses stay ahead of attackers, ahead of the competition, and future-ready for what's next.
#LI-PB1