CrawlJobs Logo

Detection and Response Analyst

rapid7.com Logo

Rapid7

Location Icon

Location:
India , Pune

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

As a Detection and Response Analyst you will work with Rapid7’s advanced tools to investigate and triage high priority security events. You will be responsible for identifying and analyzing malicious activity in a multitude of customer environments. You will be enabled to complete investigation scaling in complexity from simple account compromises and commodity malware infections, to complex web server compromises and zero-day vulnerability exploitation.

Job Responsibility:

  • Utilise Rapid7’s world-class software and threat intelligence to identify potential compromises in customer environments
  • Conduct investigations into a variety of malicious activities on workstations, servers, and in the cloud
  • Write an Incident Report for each investigation you complete, which follows MITRE’s ATT&CK Framework and includes your own forensic, malware, and root-cause analysis
  • Communicate with Customer Advisors regarding investigation findings, Requests For Information from clients, and remediation and mitigation recommendations
  • Communicate with other analysts to share new intelligence regarding tactics, techniques, and trends utilized by threat actors
  • Provide continuous input to Rapid7’s Threat Intelligence and Detection Engineering team regarding new detection opportunities

Requirements:

  • 5+ years of experience as a SOC or DFIR or Incident Response Analyst is required
  • Understanding of core operating system concepts in Windows, MacOS/Darwin, and Linux
  • A fundamental understanding of how threat actors utilize tactics such as lateral movement, privilege escalation, defense evasion, persistence, command and control, and exfiltration
  • Practical experience gained through CTF and HTB challenges, as well as personal or professional usage of common penetration testing tools such as Mimikatz, Metasploit modules, BloodHound, etc.
  • Experience with hands-on analysis of forensic artifacts and/or malware samples
  • Passion for continuous learning and growth in the cybersecurity world
  • Effective collaboration within the SOC and between departments
  • Dedication to putting each customer’s needs and concerns at the forefront of all decision making

Additional Information:

Job Posted:
January 29, 2026

Icon
Rapid7 - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Detection and Response Analyst

Managed Cloud Detection and Response Analyst

Wiz is looking for a Managed Cloud Detection and Response Analyst to join our ne...
Location
Location
Israel , Tel Aviv
Salary
Salary:
Not provided
wiz.io Logo
Wiz
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2+ years of experience in a Security Operations Center or Managed Detection and Response, specifically involving cloud environments
  • Solid knowledge in Cloud Security, with familiarity in cloud services, Kubernetes, cloud architecture, and major providers (AWS, GCP, Azure)
  • Strong analytical skills with a detail-oriented mindset, capable of assessing complex security incidents, separating false positives from true compromise, and providing actionable insights
  • Passion for continuous learning and improvement, staying up-to-date on the latest trends, threats, and best practices in cloud security
  • Excellent communication skills verbal and written both in Hebrew and English
Job Responsibility
Job Responsibility
  • Continuously monitor customers’ cloud environments and workloads for security alerts and analyze potential cyber threats to identify and prioritize cyber security incidents
  • Triage prioritized cyber incidents and coordinate appropriate response actions to mitigate risks effectively
  • Work closely with customer teams to guide and assist with investigation and remediation of incidents
  • Create and deliver incident reports that document findings and response actions taken for customers
  • Write and implement custom detection rules and fine-tune alerts to enhance threat detection capabilities for the customer’s specific cloud environment
  • Develop and maintain cyber incident response playbooks to standardize procedures and enhance the internal methodology of the team
  • Stay up to date with the latest threats, vulnerabilities, and trends in cloud security to update response strategies and improve detection methods
Read More
Arrow Right

Senior Cybersecurity Incident Response Analyst

You will work as a Senior Cybersecurity Incident Response Analyst as part of Hew...
Location
Location
Ireland , Galway
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree (or equivalent work experience) required, preferably in computer science, engineering or related area of study
  • typically 4+ years of relevant experience
  • SOC team/Incident response analyst experience is required
  • proven track record of leading complex cybersecurity initiatives and managing ambiguous incidents
  • advanced understanding of adversary tactics, techniques, and procedures (TTPs)
  • advanced Cyber and IT security knowledge
  • advanced understanding of Cyber and IT security risks, best practices, threats and prevention measures as well as containment and remediation actions
  • advanced understanding of SQL and relevant scripting languages
  • advanced data security system analysis skills
  • advanced risk assessment and management skills
Job Responsibility
Job Responsibility
  • Lead and coordinate responses to the most complex cybersecurity incidents, guiding cross-functional teams through containment, eradication, and recovery
  • analyze associated logs and respond to high severity incidents
  • suggest automation opportunities to enhance IR
  • mentor and provide technical guidance to less experienced cybersecurity professionals
  • stay at the forefront of cybersecurity trends, threats, and technologies
  • foster a culture of continuous improvement and innovation
  • encourage the adoption of new technologies and methodologies
  • provide insight and guidance through after action reviews working with stakeholders.
What we offer
What we offer
  • Comprehensive suite of benefits supporting physical, financial and emotional wellbeing
  • programs for professional and personal career development
  • unconditional inclusion and flexibility to manage work and personal needs.
  • Fulltime
Read More
Arrow Right

Senior Security Incident Response Analyst

We are looking for an Incident Responder with robust technical skills, expertise...
Location
Location
Poland , Gdańsk
Salary
Salary:
256000.00 - 342000.00 PLN / Year
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years in security domains like Operations, Incident Response, Detection Engineering, Threat Research, or Engineering, with relevant incident response and investigation experience
  • Proficiency in modern programming languages (Python, Ruby, Java, Go) or scripting for security tasks
  • Experience with AWS, GCP, or similar cloud platforms
  • Experience in building and delivering projects from start to finish
  • Expertise in areas such as malware analysis, forensics, threat hunting, network analysis, or cloud endpoint analysis
  • Contributions to the security community or open source projects
  • Capable of explaining technical issues to non-technical stakeholders
Job Responsibility
Job Responsibility
  • Security Incident Management: Act as an escalation point, collaborate with partners, communicate updates, and work towards resolution. Participate in on-call roster and conduct post-incident reviews to analyze causes and recommend improvements
  • Investigation and Analysis: Investigate log data from multiple sources for signs of compromise, conduct threat hunts, research threat actor tools and tactics, and lead evidence collection and forensic analysis
  • Technical Solutions and Automation: Provide technical solutions to reduce incidents, build and maintain tools for automation, and develop security incident response guides and procedures
  • Advocacy and Training: Advocate for security best practices and secure coding standards, and conduct tabletop exercises and simulations to test and improve incident response readiness
What we offer
What we offer
  • health and wellbeing resources
  • paid volunteer days
  • Fulltime
Read More
Arrow Right

Security Incident Response Analyst

We are looking for an Incident Responder with robust technical skills, expertise...
Location
Location
Poland , Gdańsk
Salary
Salary:
184500.00 - 246000.00 PLN / Year
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience: 3+ years in security domains like Operations, Incident Response, Detection Engineering, Threat Research, or Engineering, with relevant incident response and investigation experience
  • Technical Skills: Proficiency in modern programming languages (Python, Ruby, Java, Go) or scripting for security tasks
  • experience with AWS, GCP, or similar cloud platforms
  • Project Management: Experience in building and delivering projects from start to finish
  • Specialization: Expertise in areas such as malware analysis, forensics, threat hunting, network analysis, or cloud endpoint analysis
  • Community Engagement: Contributions to the security community or open source projects
  • Communication: Capable of explaining technical issues to non-technical stakeholders
Job Responsibility
Job Responsibility
  • Security Incident Management: Act as an escalation point, collaborate with partners, communicate updates, and work towards resolution
  • participate in on-call roster and conduct post-incident reviews to analyze causes and recommend improvements
  • Investigation and Analysis: Investigate log data from multiple sources for signs of compromise, conduct threat hunts, research threat actor tools and tactics, and lead evidence collection and forensic analysis
  • Technical Solutions and Automation: Provide technical solutions to reduce incidents, build and maintain tools for automation, and develop security incident response guides and procedures
  • Advocacy and Training: Advocate for security best practices and secure coding standards, and conduct tabletop exercises and simulations to test and improve incident response readiness
What we offer
What we offer
  • Health and wellbeing resources
  • paid volunteer days
  • equity
  • bonuses
  • commissions
  • Fulltime
Read More
Arrow Right

Security Incident Response Analyst

We are looking for an Incident Responder with robust technical skills, expertise...
Location
Location
Poland , Gdańsk
Salary
Salary:
Not provided
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3+ years of experience in any security domain: Operations, Incident Response, Detection Engineering, Threat Research, or Engineering
  • Relevant work experience for responding to incidents and conducting investigations
  • Fluency in any modern programming languages (preferably Python, Ruby, Java or Go) or experience scripting to complete security tasks
  • Experience with AWS, GCP, or a similar cloud service platform
  • Self-motivated and results-oriented
  • Experience building and delivering projects from start to finish
  • Passion for collaboration and strong interpersonal skills
  • Specialization in one or more areas: malware analysis, forensics, threat hunting, network analysis, or cloud endpoint analysis
  • Contributions to the security community or open source projects
  • Excellent written and verbal communication skills, including the ability to explain technical issues to non-technical stakeholders.
Job Responsibility
Job Responsibility
  • Act as an escalation point for security incidents, collaborating with stakeholders and communicating updates while actively working towards the resolution of incidents
  • Investigate and analyze log data stemming from security events across multiple sources to determine signs of compromise
  • Conduct post-incident reviews to analyze the root cause, assess the response, and recommend improvements
  • Participate in the on-call roster for security incident response
  • Deliver technical solutions to mitigate security incidents and enhance incident response capabilities
  • Advocate for security best practices and secure coding standards across the organization
  • Conduct threat hunts to identify new attack vectors and develop strategies to counteract them
  • Research tools and tactics employed by threat actors
  • Build and maintain tools and systems to automate response processes and improve efficiency
  • Develop and maintain security incident response playbooks and standard operating procedures
What we offer
What we offer
  • Health and wellbeing resources
  • Paid volunteer days
  • Support for accommodations or adjustments during recruitment process
  • Fulltime
Read More
Arrow Right

Principal Incident Response Analyst

At Atlassian, the Principal Incident Response Analyst plays a vital role in main...
Location
Location
United States , San Francisco; Austin; Mountain View; New York
Salary
Salary:
183800.00 - 295200.00 USD / Year
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Security, or a related field
  • At least 5 years of experience in a security incident response role
  • Strong understanding of various security technologies and systems, including firewalls, intrusion detection systems, anti-virus software, and authentication systems
  • Experience building and maintaining tools to assist with incident response and other security tasks
  • Ability to write basic programs in a scripting or programming language
  • Demonstrated ability to coordinate incident response among multiple teams and departments
  • Excellent written and oral communication skills
  • Ability to work under high pressure and fast-paced conditions
  • Experience with cloud technologies including GCP and network protocols
  • Expertise in creating and maintaining incident response playbooks
Job Responsibility
Job Responsibility
  • Lead the region's incident response team to ensure timely and effective response to security incidents
  • Coordinate across various teams within Atlassian during a security incident to facilitate effective communication and response
  • Coach and mentor team members in day-to-day activities
  • Build tools, systems, and programs of work to uplift Atlassian's security posture
  • Create regular training and drills for the incident response team to ensure readiness in the event of a security incident
  • Conduct post-incident analysis to identify areas for improvement in the incident response process
  • Communicate effectively with management and other stakeholders about the status of security incidents and the steps being taken to resolve them
  • Work with other security teams within Atlassian to develop strategies and plans to prevent future security incidents
  • Produce threat intelligence that is specific to Atlassian products and infrastructure
  • Own and manage the delivery of projects that advance the team's incident response capabilities
What we offer
What we offer
  • health coverage
  • paid volunteer days
  • wellness resources
  • Fulltime
Read More
Arrow Right

Incident Response and SOC Analyst

The role supports the Cyber Security Operations Centre for the EU critical infra...
Location
Location
Belgium , Brussels
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong incident response methodology and hands-on experience in end-to-end incident handling in multinational settings
  • Advanced knowledge of XSOAR playbook creation and automation
  • Proficiency in designing and adapting automated workflows and enrichment
  • Python programming skills
  • Ability to present technical and business information effectively to diverse EC stakeholders
  • High standards for incident documentation, KPI reporting, and compliance with security frameworks
  • Familiarity with cloud-native services (AWS, Azure), EDR, SIEM-SOAR platforms, and container security
  • Excellent communication skills for working in multicultural teams and liaising with technical and non-technical audiences
  • Certifications or experience in relevant security technologies (e.g., Palo Alto Cortex XSOAR, Splunk, Microsoft SC-200, AWS Security Specialty)
  • Level 6 European Qualification Framework (Bachelor's degree or higher) for senior profiles
Job Responsibility
Job Responsibility
  • Define incident handling procedures, automation requirements, and playbook logic aligned with the needs
  • Prepare incident response workflows, automated enrichment steps, and technical documentation for standardized alert handling
  • Handle cybersecurity incidents from detection through escalation, containment, and resolution
  • Develop and maintain XSOAR playbooks, integrations, and automations across platforms such as Splunk, AWS, Azure Sentinel, Carbon Black Cloud, and Sysdig
  • Coordinate and review playbook updates, incident reports, and cross-team collaboration
  • Report key performance metrics, including FPTP rate, MTTH, escalation rate, automation coverage, time saved, and error reductions
  • Assist training analysts on playbook usage and incident response methods
  • Collaborate with CSIRC, CATCH analysts, infrastructure teams, and external stakeholders to validate playbook coverage and share threat intelligence.
What we offer
What we offer
  • Mobility options (including a company car)
  • Insurance coverage
  • Meal vouchers
  • Eco-cheques
  • Continuous learning opportunities through the Sopra Steria Academy
  • Participation in team events.
  • Fulltime
Read More
Arrow Right

Security Analyst

The Security Analyst plays a key role in protecting our organization by detectin...
Location
Location
United States , St. Louis
Salary
Salary:
Not provided
cyera.io Logo
Cyera
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2–4 years of experience in security operations, incident response, or threat detection
  • Familiarity with SIEM, EDR, and related security tools (e.g., Splunk, Sentinel, CrowdStrike, etc.)
  • Understanding of IAM, cloud platforms (AWS, GCP, Azure), and basic network security principles
  • Strong analytical and problem-solving skills, with attention to detail and documentation
  • Excellent communication and teamwork skills
Job Responsibility
Job Responsibility
  • Triage incoming security alerts and requests, ensuring timely communication and resolution in coordination with internal stakeholders
  • Conduct first-line investigations using data from SIEM queries, IAM logs, and endpoint/cloud telemetry
  • Execute approved containment and remediation actions (e.g., disabling user accounts, revoking tokens, quarantining assets)
  • Collaborate closely with IT, Security Engineering, and MSSP partners to escalate and resolve complex incidents
  • Document investigation steps, outcomes, and lessons learned for future reference and process improvement
  • Utilize security tools such as SIEM, DLP, EDR, and DSPM platforms to validate alerts, uncover misconfigurations, and identify potential threats
  • Tune detection rules and contribute to continuous improvement of alert quality, reducing false positives
  • Monitor threat intelligence feeds to identify new vulnerabilities and recommend practical mitigation strategies
  • Partner with engineering teams to enhance visibility and strengthen detection coverage across systems and environments
  • Draft, maintain, and refine SOPs and runbooks for recurring alerts and incident types
What we offer
What we offer
  • Ability to work remotely, with office setup reimbursement
  • Competitive salary
  • Unlimited PTO
  • Paid holidays and sick time
  • Health, vision, and dental insurance
  • Life, short and long-term disability insurance
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy