Logo of Huzzle

Home

Matches

Explore

Manage

Associate Detection & Response Analyst - MDR

image

Rapid7

4d ago

  • Internship
    Full-time
    Off-cycle Internship
  • Software Engineering
    IT & Cybersecurity
  • Melbourne

AI generated summary

  • You need 0-2 years of experience, a passion for cybersecurity, problem-solving skills, knowledge of Windows/Linux, and understanding of security concepts. Shift work is required. Certifications and scripting skills are preferred.
  • You will review alert data for malicious activity, steer investigations, write incident reports, and assist with Remote Incident Response engagements, examining forensic artifacts as needed.

Requirements

  • 0-2 years of experience
  • A passion for cybersecurity
  • Problem solving, critical thinking, and ingenuity.
  • A keen curiosity and excitement to learn
  • Willingness to work on a shift schedule, including evenings and a Saturday or Sunday
  • The Rapid7 MDR SOC has a shift rotation which requires associate analysts to work a 4:3 schedule from 9AM - 7PM after a 90 day onboarding and training period. The shifts are from Sunday-Wednesday and Wednesday-Saturday
  • Knowledge of Windows, Linux operating systems
  • Fundamental knowledge of security concepts gained either through education, work as a systems administrator or from any of the preferred requirements below (lateral movement, privilege escalation, persistence methods, command and control, exfiltration, etc.).
  • Preferred
  • Security Certifications (GFACT, GSEC, GCIA, GCIH, CySA+, CASP+, Security+, etc.
  • Scripting/coding ability
  • Participation in CTF events
  • Participation in red team/blue team training tools such as HackTheBox, TryHackMe, and LetsDefend

Responsibilities

  • Most days for Associate Analysts will consist of reviewing alert data to identify malicious activity in customer environments. In these roles you will be empowered to steer investigations, which include everything from evidence acquisition and analysis, to figuring out how the intrusion began to identify any malicious or unexpected activity related to the event. Based on this investigation you will be responsible for writing an incident report which includes your technical analysis, documented findings and remediation recommendations for customers. In the event of a security incident that rises to the level of a Remote Incident Response engagement, Associate Analysts may be tasked with performing investigation tasks related to the investigation. In this circumstance you will focus on helping a team track threat actor actions across an environment by examining forensic artifacts.

FAQs

What is the job title for this position?

The job title for this position is Associate Detection & Response Analyst - MDR.

Where is the job location?

The job location is in Melbourne.

What are the primary responsibilities of an Associate Analyst in the SOC?

The primary responsibilities include reviewing alert data to identify malicious activity, steering investigations, acquiring and analyzing evidence, writing incident reports, and assisting with Remote Incident Response engagements.

What kind of experience is required for this role?

The role requires 0-2 years of experience in cybersecurity.

Is there a shift schedule for this position?

Yes, there is a shift schedule, with shifts running from Sunday-Wednesday and Wednesday-Saturday, 9 AM - 7 PM ET after a 90-day onboarding and training period.

What skills or knowledge are preferred for this role?

Preferred skills include security certifications (e.g., GFACT, GSEC), scripting/coding ability, and participation in CTF events or red team/blue team training tools.

What operating systems should candidates be knowledgeable about?

Candidates should have knowledge of Windows and Linux operating systems.

What qualities are important for a candidate applying for this position?

Important qualities include a passion for cybersecurity, problem-solving skills, critical thinking, curiosity, and a willingness to learn.

What type of company is Rapid7?

Rapid7 is a cybersecurity company that helps organizations strengthen their security programs and manage risks across various digital landscapes.

Are there opportunities for career development within this role?

Yes, there are opportunities for career development as you build your expertise with a globally recognized cybersecurity company.

image

Rapid7

Technology
Industry
1001-5000
Employees
2000
Founded Year

Mission & Purpose

Organizations around the globe rely on Rapid7 technology, services, and research to securely advance. The visibility, analytics, and automation delivered through our Insight cloud simplifies the complex and helps security teams reduce vulnerabilities, monitor for malicious behavior, investigate and shut down attacks, and automate routine tasks.