
Associate Detection & Response Analyst

Czechia, Prague · Job Posted June 03, 2026

Job Description

Rapid7’s Tactical Operations team is looking for an Associate Detection & Response Analyst to tackle time-critical security investigations and safeguard our global customers. This foundational role empowers you to hunt down malicious behavior, steer end-to-end incident analyses, and collaborate with a world-class team of analysts to stay ahead of the security curve. If you are a curious, driven problem-solver eager to launch your career in cybersecurity, this is your opportunity to make a collective impact from day one.

Job Responsibility

  • Review alert data to identify malicious activity and potential security threats across diverse customer environments
  • Steer security investigations from initial alert through comprehensive evidence acquisition and root-cause analysis
  • Write technical incident reports documenting key findings, analysis methodologies, and actionable remediation recommendations for customers
  • Coordinate closely with SOC advisor colleagues to support effective communication of technical findings to the customer
  • Partner with Mid, Senior, and Lead Analysts to collaboratively solve complex challenges and share knowledge across the SOC team
  • Perform targeted investigation tasks and examine forensic artifacts during critical Remote Incident Response engagements
  • Track threat actor actions across an environment by analyzing system and forensic logs during security incidents
  • Maintain a flexible operational rhythm, working in the physical SOC two days per week (including Wednesdays) and adhering to the dedicated afternoon shift schedule

Requirements

  • Professional or academic experience spanning 0-2 years within technology, systems administration, or information security environments
  • Foundational knowledge of core security concepts including lateral movement, privilege escalation, persistence methods, and command and control
  • Working familiarity with Windows and Linux operating systems and their underlying security architectures
  • Creative problem-solving abilities, critical thinking capacity, and technical ingenuity when addressing complex challenges
  • Insatiable curiosity and a strong forward focus, demonstrating a passionate commitment to learning and developing your cybersecurity craft
  • Eagerness and open communication when navigating change, adapting smoothly to evolving business needs, shift structures, and group dynamics
  • Capacity to make efficient, structured choices that resolve challenges and maintain analytical momentum during high-pressure incidents
  • Clear accountability for actions and behaviors while driving outcomes that deliver genuine value for the business and our customers
  • Core Value Embodiment: Embody our core values to foster a culture of excellence that drives meaningful impact and collective success

Nice to have

  • Training in red team/blue team learning tools such as HackTheBox, TryHackMe, and LetsDefend and/or participation in CTF events is a plus
  • Scripting/coding ability and/or Security Certifications (GFACT, GSEC, GCIA, GCIH, CySA+, CASP+, Security+, etc.) is a plus

Similar Jobs for Associate Detection & Response Analyst (8 matching positions)

Senior Cybersecurity Incident Response Analyst

You will work as a Senior Cybersecurity Incident Response Analyst as part of Hew...
Location: Ireland, Galway
Salary: Not provided
Company: Hewlett Packard Enterprise
Expiration Date: Until further notice
Requirements
  • Bachelor's degree (or equivalent work experience) required, preferably in computer science, engineering or related area of study
  • Typically 4+ years of relevant experience
  • SOC team/incident response analyst experience is required
  • Proven track record of leading complex cybersecurity initiatives and managing ambiguous incidents
  • Advanced understanding of adversary tactics, techniques, and procedures (TTPs)
  • Advanced cyber and IT security knowledge
  • Advanced understanding of cyber and IT security risks, best practices, threats and prevention measures as well as containment and remediation actions
  • Advanced understanding of SQL and relevant scripting languages
  • Advanced data security system analysis skills
  • Advanced risk assessment and management skills
Job Responsibility
  • Lead and coordinate responses to the most complex cybersecurity incidents, guiding cross-functional teams through containment, eradication, and recovery
  • Analyze associated logs and respond to high-severity incidents
  • Suggest automation opportunities to enhance IR
  • Mentor and provide technical guidance to less experienced cybersecurity professionals
  • Stay at the forefront of cybersecurity trends, threats, and technologies
  • Foster a culture of continuous improvement and innovation
  • Encourage the adoption of new technologies and methodologies
  • Provide insight and guidance through after-action reviews, working with stakeholders
What we offer
  • Comprehensive suite of benefits supporting physical, financial and emotional wellbeing
  • Programs for professional and personal career development
  • Unconditional inclusion and flexibility to manage work and personal needs
  • Fulltime

Senior Security Engineer

Truveta is the world’s first health provider led data platform with a vision of ...
Location: United States, Seattle
Salary: 135000.00 - 180000.00 USD / Year
Company: Truveta
Expiration Date: Until further notice
Requirements
  • Bachelor’s degree in Cyber Security, Computer Science, Information Security, Information Systems, or a related field, or equivalent practical experience
  • 5+ years of experience in Security Operations (SOC), Incident Response, or Detection & Response role, with demonstrated ownership of complex security incidents
  • Hands-on experience with Microsoft Sentinel (SIEM) and Microsoft Defender XDR (Defender for Endpoint, Identity, Office 365, Cloud Apps)
  • Proficiency in KQL (Kusto Query Language) for investigations, threat hunting, and detection engineering
  • Experience designing, tuning, and maintaining SIEM detections and SOAR automation, including alert triage and response workflows
  • Solid understanding of Azure cloud architecture, core services, and native security controls
  • Familiarity with Azure Entra ID, identity security concepts, RBAC, and IAM-related threats
  • Experience with handling high-severity security incidents, including cross-team coordination and stakeholder communication
  • Familiarity with MITRE ATT&CK, threat actor techniques, and modern attack methodologies across cloud, identity, and endpoint environments
  • Experience supporting on-call rotations and working in a 24/7 or follow-the-sun SOC environment
Job Responsibility
  • Incident Response: Handle investigation and response to security incidents across endpoints, identities, email, cloud workloads, and SaaS applications
  • Act as a senior escalation point for SOC analysts during complex or ambiguous security events
  • Participate in on-call rotations and provide senior-level escalation support when needed
  • Lead or contribute to post-incident reviews (RCA, postmortems) and track remediation actions to completion
  • Ensure incidents are accurately documented for audit, compliance, and operational learning
  • Maintain and improve incident response runbooks, playbooks, and escalation procedures
  • Support incident readiness activities, including tabletop exercises and response drills
  • Detection Engineering & Automation: Develop, tune, and maintain Microsoft Sentinel analytics rules to improve detection quality and reduce false positives
  • Design and optimize KQL queries for investigations, threat hunting, and detection engineering
  • Integrate and maintain log sources and data connectors in Microsoft Sentinel, ensuring data quality and proper normalization
What we offer
  • Interesting and meaningful work for every career stage
  • Great benefits package
  • Comprehensive benefits with strong medical, dental and vision insurance plans
  • 401K plan
  • Professional development & training opportunities for continuous learning
  • Work/life autonomy via flexible work hours and flexible paid time off
  • Generous parental leave
  • Regular team activities (virtual and in-person)
  • Fulltime

Application Engineer Expert Level

ITC is a Woman Owned Small Business delivering exceptional consultation to the U...
Location: United States, Fort Meade
Salary: Not provided
Company: Integrity Technology Consultants
Expiration Date: Until further notice
Requirements
  • Must already possess an active TS/SCI with Full Scope Polygraph in order to be considered
  • Twelve (12) years minimum experience and a High School Diploma/GED
  • Ten (10) years minimum experience and an Associate's Degree
  • Eight (8) years minimum experience and a Bachelor's Degree
  • Six (6) years minimum experience and a Master's Degree
  • Four (4) years minimum experience and a Doctoral Degree
  • EDR Solutions: Proficient in one or more EDR platforms (Trellix HX/EDRF or Microsoft Defender for Endpoint EDR, preferably both)
  • Cloud Applications: Experience with cloud security and familiarity with cloud service providers (AWS or Azure, preferably both)
  • Cloud Security: Experience securing cloud-hosted workloads using EDR solutions and understanding cloud-native security controls and logging (Microsoft Sentinel, Microsoft Defender, Microsoft Purview, AWS CloudWatch, AWS CloudTrail, AWS GuardDuty, or AWS Security Hub)
  • CCSP Certified Cloud Security Professional certification or equivalent
Job Responsibility
  • As part of the Secure the Enterprise initiative, develop capabilities to shift from the current manual system security evaluation and authorization process to a new model that emphasizes automation, streamlined processes and approvals, continuous monitoring and assessment, and network data gathering across the entire life cycle of a project
  • Deploy, configure, test, manage, and optimize endpoint detection and response solutions across the NSA enterprise
  • Establish comprehensive Standard Operating Procedures (SOPs) for EDR functionalities and lead training sessions to empower SOC analysts in maximizing platform efficiency and threat visibility
  • Responsible for the deployment, testing, management, and optimization of endpoint detection and response solutions
  • This role involves deploying, configuring, testing, and monitoring EDR capabilities to traditional on premises and cloud environments
What we offer
  • 401K plan with company contributions (safe harbor and profit sharing)
  • 11 Federal holidays, 21 Days PTO
  • Medical, Dental, & Vision with substantial company contributions
  • Company provided Life, LTD and STD Insurance
  • Health Savings Accounts/ Flexible Spending Accounts
  • Referral Bonuses
  • Performance Bonuses
  • Tuition Assistance for Education, Training, and Professional certifications
  • Career Development
  • Fulltime

In-Business Risk 1LOD Lead Analyst

Citigroup Global Markets Inc. seeks an In-Business Risk 1LOD Lead Analyst for it...
Location: United States, Tampa
Salary: 119200.00 USD / Year
Company: Citi
Expiration Date: Until further notice
Requirements
  • Master’s degree, or foreign equivalent, in Finance, Statistics, Applied Mathematics or related field and 1 year of experience as a Business Risk Analyst, Data Analyst, Financial Analyst, Compliance Analyst, Graduate Associate or related position involving designing, evaluating and implementing control mechanisms to monitor for financial crimes
  • Alternatively, employer will accept a Bachelor’s degree in the stated fields and 3 years of the specified experience
  • Designing and evaluating control frameworks for financial crime risk assessment
  • Conducting financial data research, financial modeling, and preparing analytical reports and manuscripts
  • Performing quantitative analysis and interpreting large financial and economic datasets
  • Applying statistical methods to analyze datasets, identify financial crime patterns, and assess associated risks
  • Researching and analyzing derivatives, fixed income, swaps, foreign exchange, and structured products, including options, futures, bonds, treasury securities, credit instruments, interest rate swaps, currency swaps, credit default swaps, spot/forward FX products, spread products, and complex structured instruments
  • Developing automated processes for data analysis and financial research using Python and R
  • Extracting, transforming, and analyzing large datasets using SQL, and employing data management and visualization tools such as Tableau, Power BI, and Airflow
  • Researching institutional trading business practices, market structure, and financial crime risks
Job Responsibility
  • Design, evaluate, and implement control mechanisms to monitor financial crimes within Citi's Markets and Securities Services division
  • Develop analytical tools and data processes using programming languages such as Python and R to detect and manage risks associated with financial crimes like anti-money laundering, sanctions, and fraud
  • Regularly review existing financial crime monitoring controls to ensure effectiveness and continuously improve the controlling methodologies to address emerging risks
  • Collaborate closely with various stakeholders, including Sales, Trading, Operations, Legal, Compliance, and Technology departments, to identify, assess, and manage financial crime risks across multiple business platforms, specifically focusing on high-risk jurisdictions, third-party payments in foreign exchange, sanctions, and emerging market transaction monitoring
  • Manage control initiatives ensuring resources are properly allocated, execution timelines are met, and all initiatives align strategically with corporate policies and regulatory requirements
  • Conduct specialized reviews of transactional data to proactively uncover new and evolving financial crime patterns, subsequently develop and integrate preventative controls
  • Prepare and deliver comprehensive reports and presentations to senior management and compliance oversight teams, clearly articulating analytical insights, proposed enhancements, and the status of ongoing initiatives
What we offer
  • Medical, dental & vision coverage
  • 401(k)
  • Life, accident, and disability insurance
  • Wellness programs
  • Paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays
  • Discretionary and formulaic incentive and retention awards
  • Fulltime

Senior Security Program Manager

Join Microsoft’s Specialized Clouds Security Fundamentals team! We are at the fo...
Location: United States, Redmond
Salary: 119800.00 - 234700.00 USD / Year
Company: Microsoft Corporation
Expiration Date: Until further notice
Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 3+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 4+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
  • OR equivalent experience
  • Foundational understanding of security principles, cloud technologies, and program management practices
  • Experience with at least one cloud platform (Azure, AWS, GCP) and its associated security services and configurations
  • Hands-on experience with SIEM, EDR, and cloud-native security tools (Microsoft XDR, Sentinel, CrowdStrike, etc.)
  • Demonstrated ability to translate customer or stakeholder needs into actionable requirements
  • Written and verbal communication skills, with the ability to clearly convey technical concepts to diverse audiences
  • Proven collaboration skills, including working effectively in cross-functional teams and building trusted relationships
  • Ability to manage multiple priorities, meet deadlines, and follow through reliably on commitments
Job Responsibility
  • Assist in assessing detection coverage by helping gather, analyze, and document inventory, telemetry, and detection data across cloud environments to identify gaps and inconsistencies
  • Contribute to detection development and tuning by researching incidents, attacker techniques, and analyst findings to develop durable detection strategies across the entire kill-chain
  • Collaborate with engineers and analysts to support testing, validation, and refinement of detection and response capabilities in cloud and containerized environments
  • Demonstrate strong organizational skills, clarity in communication, and reliability in execution
  • Stay current on security trends, regulatory changes, and best practices, and advocate for innovation and continuous improvement in security programs
  • Drive cross-division alignment among product teams to improve security posture of Microsoft's Specialized Clouds
  • Fulltime

Associate SOC Advisor

As an Associate SOC Advisor, you will work hand-in-hand with SOC analysts as par...
Location: Czechia, Prague
Salary: Not provided
Company: Rapid7
Expiration Date: Until further notice
Requirements
  • Experience using a homelab environment/TryHackMe/HackTheBox and a similar setup to gain practical security experience
  • Significant client relationship management experience
  • Strong understanding of common enterprise technologies
  • Proven ability to convey extremely technical concepts to audiences with varying technical prowess
  • Industry-related certifications, e.g. CompTIA (A+, Network+, Sec+, Cloud+, CySA+) and/or TCM Security (PSAA, PJPT, SOC), etc.
  • Interest in technology deployment and configuration experience
  • Strong interest in security frameworks and concepts
  • Peer-reviewing colleagues’ work for errors and inaccuracies, i.e. quality assurance
  • Exhibit a degree of resilience & understanding amid change and ambiguity
  • Partner closely with customers and cross-functional stakeholders to deliver seamless outcomes and consistently exceed expectations
Job Responsibility
  • Notify and assist clients on any incidents, with analysis in the client’s environment
  • Engage with any security related inquiries from clients and perform initial triage analysis
  • Assist in supporting incident response engagements through customer communications and reporting
  • Work closely with TACOPS analysts and other cross-functional internal teams to convey recommendations to Rapid7 customers, to improve their overall security posture
  • Review and generate high-quality accurate and contextual customer deliverables
  • Perform log search queries to identify suspicious activity in customer environments
  • Help the Customer Advisor team build strong advisory relationships with customers and continuously exceed client expectations
  • Ensure that customer’s Rapid7 Platform technology is functional, and coordinate with Rapid7’s support team when needed
  • Gather client input and requirements across the Managed Services client base to influence Managed Services service roadmap
  • Assist Managed Services Leadership with effective scaling strategies to face the challenge of an ever-expanding customer base

Senior Analyst, Security Operations Center

The Senior Analyst, Security Operations Center (SOC) is a technical leader respo...
Location: United States, Charlotte
Salary: Not provided
Company: Brightspeed
Expiration Date: Until further notice
Requirements
  • Associate's degree in Computer Science, Information Systems, Engineering, Technology, or related field or equivalent experience/training
  • Experience managing cases/incidents
  • Ability to think analytically
  • Robust creativity and problem-solving skills
  • Knowledge of technical systems and terminology
  • Proficiency in threat management analysis and dissemination
  • Proficiency in scripting languages
  • Advanced written and verbal communication skills
Job Responsibility
  • Lead incident response efforts for high-severity and complex security events, serving as the primary technical coordinator during major incidents
  • Act as escalation point for junior analysts, providing technical guidance and decision support in real time
  • Oversee daily SOC operations, including shift management, workload distribution, and quality assurance of investigations
  • Conduct post-incident reviews and facilitate lessons-learned sessions to drive continuous improvement
  • Mentor and train junior analysts to elevate team capabilities and strengthen overall SOC maturity
  • Perform advanced threat analysis, including APT detection, multi-stage attack correlation, and deep analysis of threat actor tactics, techniques, and procedures (TTPs)
  • Lead proactive threat hunting initiatives across cloud, network, identity, and endpoint environments
  • Design and implement advanced detection rules, correlation logic, queries, and dashboards in SIEM and SOAR platforms
  • Develop custom automation playbooks to accelerate investigation, triage, and containment processes
  • Evaluate and recommend enhanced SOC technologies, detection techniques, and analytic capabilities
What we offer
  • Competitive compensation
  • Comprehensive benefits
  • Medical, dental, vision, and life insurance
  • Employee assistance program
  • 401K plan with company match
  • Voluntary benefits
  • Fulltime

Associate Managed Services Information Security Analyst

The Associate Managed Services Information Security Analyst is an entry-level ro...
Location: India, Hyderabad
Salary: Not provided
Company: NTT DATA
Expiration Date: Until further notice
Requirements
  • Bachelor's degree or relevant qualification in Information Technology or Computing or a related field
  • Security certifications such as (but not limited to) AZ-500, SC-200, Security+, CEH, CISSP, CISM or similar
  • Certification in different networking technologies such as CCNA, JNCIA, ACCA, PCNSA, CCSA is advantageous
  • Entry level experience in SOC Analysis Operations
  • Entry level experience in SIEM usage for investigations
  • Entry level experience in Security technologies such as (but not limited to) Firewall, IPS, IDS, Proxy
  • Entry level experience in dealing with technical support to clients
  • Entry level experience in handling security incidents end to end
  • Entry level experience in configuring/managing security controls, such as SIEM, Firewall, IDS/IPS, EDR, NDR, UTM, Proxy, SOAR, Honeypots and other security tools
  • Entry level experience in Security Analysis or Engineering preferably gained within a global services organization
Job Responsibility
  • Works as part of a global Cyber Defense Centre (CDC) team that works 24/7 on rotational shifts
  • Works with client stakeholders and relevant internal teams to tune the MSSP platform and client SIEM to enable more efficient detection, analysis and reporting
  • Under guidance, generates continuous improvement ideas for supported security tools/technologies, to enable improvements to the company services, employee experience and client experience
  • Adheres to SOPs, customer Run Books and standard processes to ensure a globally consistent delivery whilst also proposing changes and improvements to these standards
  • Utilizes and documents best practices and amends existing documentation as required
  • Supports security incident handling and response across several vectors, including endpoint protection and enterprise detection and response tools, attack analysis, malware analysis, network forensics, and computer forensics
  • Learns and utilizes a broad range of skills in LAN technologies, Windows and Linux O/S’s, and general security infrastructure
  • Ensures usage of knowledge articles in incident diagnosis and resolution
  • Under guidance, perform defined tasks to inform and monitor service delivery against service level agreements and maintain records of relevant information
  • Cooperates closely with colleagues to share knowledge and build a cohesive and effective team environment, benefiting the individual, the business and the client
  • Fulltime