Senior Detection Operations Engineer at Rapid7 – VA Arlington

Do you enjoy information security research and threat intelligence? Do you have experience tracking national and cybercriminal threat actors? Would you like the opportunity to research and report on the latest threats and techniques used by attackers?

Rapid7 Managed Detection and Response operates 24/7 to identify vulnerabilities, detect breaches, investigate and respond to attacker activity, and help our customers better manage threats.

About the team

Rapid7’s Threat Intelligence & Detection Engineering (TIDE) team was built from the ground up to provide our customers with high-fidelity threat detections and alerts that reduce the dwell time and impact of threat actors in our customers’ ecosystems. Our TIDE team uses targeted research, threat intelligence curation, observed malicious behavior, and informed collaboration to ensure our detections evolve with the ever-changing threat and technology landscape.

About the role

As a Senior Detection Operations Engineer, you will be the primary technical escalation point for the Detection Operations Team. The Detection Operations Team is responsible for maintaining and evaluating the detection library for the MDR service. Our team’s mission is to drive excellence in our customers’ security posture by continually refining Rapid7’s detection library, improving its effectiveness in quickly identifying incidents while reducing the burden on analysts. Our vision is to lead with an unparalleled, state-of-the-art, and globally recognized detection library that sets new standards in cybersecurity. You will work closely with the SOC and Data Science teams to identify activity patterns that improve detections, assist in the creation of new data models, and continually update the collective understanding of threats. Additionally, you will learn from IR engagements, SOC incidents, and various other sources and apply that knowledge to inform new detections for use across our customer base, while mentoring junior teammates.

In this role you will:

  • Leverage Rapid7’s best-in-class software and threat intelligence to evaluate and enhance the current InsightIDR detection library, including coordination of third-party integration projects.

  • Work closely with SOC analysts, the Data Science team, Incident Response (IR) consultants, customer advisors, and security researchers.

  • Conduct investigations into attacker behavior and techniques using information gathered from IR activities, other incidents, and malicious activities discovered through various telemetry sources.

  • Perform detection testing in a controlled environment.

  • Work with Rapid7’s Emergent Threat Response (ETR) team to ensure Rapid7 has detection coverage during large-scale exploitation of recently disclosed vulnerabilities, whether zero-days or newly assigned CVEs.

  • Leverage the skills of experts across multiple security domains to create rules that help you detect or prevent malicious behavior across networks, endpoints, and cloud services.

The skills you bring include:

  • Minimum 5 years of experience as a SOC analyst/incident responder/offensive security officer OR minimum 4 years of experience in cyber threat intelligence/research/detection engineering.

  • Experience using Threat Intelligence Platforms in industry.

  • Experience writing detections in YARA, Suricata, Sigma, or similar rule formats.

  • Experience with hands-on analysis of forensic artifacts and/or malware samples.

  • Ability to conduct investigations using a variety of OSINT methods.

  • A solid understanding of how threat actors employ tactics such as lateral movement, privilege escalation, defense evasion, persistence, command and control, and exfiltration.

  • Effective collaboration across teams.

  • Innovative problem-solving mindset.

  • Strong research skills (searching for, organizing, and evaluating information).

  • Strong written and oral communication skills.

We know that the best ideas and solutions come from multidimensional teams. That’s because these teams reflect a variety of backgrounds and professional experiences. If you’re excited about this role and believe your experience can make an impact, don’t be shy – apply today.

About Rapid7

At Rapid7, we are on a mission to create a safe digital world for our customers, our industry, and our communities. We do this by embracing tenacity, passion, and collaboration to challenge what is possible and create extraordinary impact.

Here, we’re building a dynamic workplace where everyone can have the career experience of a lifetime. We challenge ourselves to grow to our full potential. We learn from our failures and celebrate our victories. We come to work every day to push the boundaries of cybersecurity and keep our 11,000+ global customers ahead of whatever comes next.

Join us and bring your unique experiences and perspectives to tackle some of the world’s greatest security challenges.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status, or any other status protected by applicable federal, state, or local law.