
Detection & Response Analyst

Czechia, Prague · Job Posted January 25, 2026

Job Description

We are looking for people with a passion for investigation and forensic analysis to join our MDR SOC team at Rapid7. As an Associate Detection & Response Analyst, you will utilise Rapid7's advanced tools to investigate and triage security events and work side-by-side with Rapid7's Incident Response team to investigate incidents ranging from commodity malware to sophisticated threat actors. As a SOC analyst you will have the opportunity to impact this team while building your career and expertise with a globally recognised cyber security company.

Job Responsibility

  • Review alert data to identify malicious activity in customer environments
  • Steer investigations, covering everything from evidence acquisition and analysis to determining how the intrusion began, in order to identify any malicious or unexpected activity related to the event
  • Write a Findings Report which includes your technical analysis, documented findings, and remediation recommendations for customers
  • Deliver world-class threat detection services using traditional threat intelligence-based detection and user behavior analytics
  • Conduct or assist with Rapid7 incident response investigations
  • Assist in capturing and deploying knowledge of attack methodologies
  • Provide continuous input to Rapid7 product development teams
  • On a monthly basis you will perform threat hunting to identify unknown threats in a customer environment
  • In the event of a security incident that rises to the level of a Remote Incident Response engagement, you may be tasked with investigation work related to that engagement
  • Partner cross functionally with a Customer Advisor who will be responsible for direct communication with our customers

Requirements

  • Knowledge of Windows, Linux operating systems
  • 2-5 years of experience as a SOC, DFIR, or Incident Response Analyst
  • Knowledge of security concepts (lateral movement, privilege escalation, persistence methods, command and control, exfiltration, etc.)
  • Security Certifications (GFACT, GSEC, GCIA, GCIH, CySA+, CASP+, Security+, etc.)
  • Scripting/coding ability
  • Willingness to work on a shift schedule - The Rapid7 MDR SOC has a shift rotation which requires analysts to work a 4:3 schedule from 8 AM - 6 PM after a 90 day onboarding and training period. The shifts are from Sunday-Wednesday and Wednesday-Saturday.
  • Excited by technology with a passion for cybersecurity, curious and eager to learn and develop in a security role
  • Demonstrates a strong sense of responsibility for protecting customer trust, making decisions that prioritize security and impact
  • A collaborative team player who has the ability to partner successfully with others to drive impact
  • Demonstrates a strong sense of ownership, holding themselves and others accountable for achieving outcomes that deliver value to our customers and internal teams
  • The attitude and ability to thrive in a high-growth, evolving environment
  • Ability to make transparent, well-communicated, and efficient decisions under pressure, with careful consideration of risk and impact
  • Core Value Embodiment: Embody our core values to foster a culture of excellence that drives meaningful impact and collective success.

Nice to have

  • Participation in CTF events
  • Participation in red team/blue team training tools such as HackTheBox, TryHackMe, and LetsDefend


Similar Jobs for Detection & Response Analyst

8 matching positions

Associate Detection & Response Analyst

Rapid7’s Tactical Operations team is looking for an Associate Detection & Respon...
Location: Czechia, Prague
Salary: Not provided
Company: Rapid7
Expiration Date: Until further notice
Requirements
  • Professional or academic experience spanning 0-2 years within technology, systems administration, or information security environments
  • Foundational knowledge of core security concepts including lateral movement, privilege escalation, persistence methods, and command and control
  • Working familiarity with Windows and Linux operating systems and their underlying security architectures
  • Creative problem-solving abilities, critical thinking capacity, and technical ingenuity when addressing complex challenges
  • Insatiable curiosity and a strong forward focus, demonstrating a passionate commitment to learning and developing your cybersecurity craft
  • Eagerness and open communication when navigating change, adapting smoothly to evolving business needs, shift structures, and group dynamics
  • Capacity to make efficient, structured choices that resolve challenges and maintain analytical momentum during high-pressure incidents
  • Clear accountability for actions and behaviors while driving outcomes that deliver genuine value for the business and our customers
  • Core Value Embodiment: Embody our core values to foster a culture of excellence that drives meaningful impact and collective success
Job Responsibility
  • Review alert data to identify malicious activity and potential security threats across diverse customer environments
  • Steer security investigations from initial alert through comprehensive evidence acquisition and root-cause analysis
  • Write technical incident reports documenting key findings, analysis methodologies, and actionable remediation recommendations for customers
  • Coordinate closely with SOC advisor colleagues to support effective communication of technical findings to the customer
  • Partner with Mid, Senior, and Lead Analysts to collaboratively solve complex challenges and share knowledge across the SOC team
  • Perform targeted investigation tasks and examine forensic artifacts during critical Remote Incident Response engagements
  • Track threat actor actions across an environment by analyzing system and forensic logs during security incidents
  • Maintain a flexible operational rhythm, working in the physical SOC two days per week (including Wednesdays) and adhering to the dedicated afternoon shift schedule
Employment type: Fulltime

Technical Business Analyst (Detection and Response)

An Elite Investment Firm is looking for a talented Technical Business Analyst wi...
Location: United Kingdom, London
Salary: 625.00 GBP / Day
Company: Hunter Bond
Expiration Date: Until further notice
Requirements
  • Experience in the finance sector is essential
  • Knowledge of network detection and response is essential
  • Strong Cyber Security experience is essential
Job Responsibility
  • Working closely with Security and Network Engineers, other Business Analysts and stakeholders on a large-scale greenfield cyber security project
  • Being involved in re-architecting the whole detection and response ecosystem
  • A chance to truly be entrepreneurial

Global Response Operations - Detection Analyst

Meta Platforms, Inc. (Meta), formerly known as Facebook Inc., builds technologie...
Location: United States, Menlo Park
Salary: 185220.00 - 207900.00 USD / Year
Company: Meta
Expiration Date: Until further notice
Requirements
  • Requires a Bachelor’s degree (or foreign equivalent) in Computer Science, Data Science, Engineering, Information Systems, Statistics, Mathematics, Cybersecurity, or related field, and 4 years of experience in the job offered or related occupation
  • Requires 4 years of experience in the following: Investigations, data analytics, or technical systems roles focused on Trust & Safety or Risk Operations within online platforms such as social media, digital advertising, eCommerce, or online payments
  • Managing escalation workflows, including assessing, prioritizing, and resolving high-impact or time-sensitive events, such as election, crises, high severity abuse
  • Developing or implementing detection pipelines and risk-signal systems that leverage on-platform data to identify, analyze, or mitigate abusive or fraudulent activity
  • Communicating progress and results to technical and non-technical audiences
  • Using SQL for large-scale dataset analysis
  • Using Python for data extraction, automation, or analytics
  • Working with graphic or objectionable content and adhering to sensitive-content handling procedures
Job Responsibility
  • Drive the scoping and development of risk signals for key problem areas
  • Identify emerging risks using on-platform and off platform signals, through monitoring and analysis
  • Conduct investigations to develop rigorous understanding and knowledge of potential emerging trends and evolving risks in priority areas
  • Work cross-functionally to drive mitigation for identified risk areas, including conducting enforcement on violating trends
  • Build and execute risk detection strategies to support the management of critical events, such as elections and crises
  • Use data and internal tools to identify and investigate potential risk areas and patterns at scale and across abuse types
  • Use quantitative and qualitative research methods to perform root cause analyses on investigative findings or high priority escalations
  • Partner with internal experts to build a rigorous understanding of how, where, and why broad forms of abuse are experienced across the platform
  • Synthesize investigative findings through the creation of analyses and presentations that provide a succinct, coherent narrative assessing risk
  • Influence and support innovation of technology, as well as adoption of technical solutions, that improves our detection capabilities (efficiency, speed, and reduction on language dependence)
What we offer
  • bonus
  • equity
  • benefits
Employment type: Fulltime

Managed Cloud Detection and Response Analyst

Wiz is looking for a Managed Cloud Detection and Response Analyst to join our ne...
Location: Israel, Tel Aviv
Salary: Not provided
Company: Wiz
Expiration Date: Until further notice
Requirements
  • 2+ years of experience in a Security Operations Center or Managed Detection and Response, specifically involving cloud environments
  • Solid knowledge in Cloud Security, with familiarity in cloud services, Kubernetes, cloud architecture, and major providers (AWS, GCP, Azure)
  • Strong analytical skills with a detail-oriented mindset, capable of assessing complex security incidents, separating false positives from true compromise, and providing actionable insights
  • Passion for continuous learning and improvement, staying up-to-date on the latest trends, threats, and best practices in cloud security
  • Excellent communication skills, both verbal and written, in Hebrew and English
Job Responsibility
  • Continuously monitor customers’ cloud environments and workloads for security alerts and analyze potential cyber threats to identify and prioritize cyber security incidents
  • Triage prioritized cyber incidents and coordinate appropriate response actions to mitigate risks effectively
  • Work closely with customer teams to guide and assist with investigation and remediation of incidents
  • Create and deliver incident reports that document findings and response actions taken for customers
  • Write and implement custom detection rules and fine-tune alerts to enhance threat detection capabilities for the customer’s specific cloud environment
  • Develop and maintain cyber incident response playbooks to standardize procedures and enhance the internal methodology of the team
  • Stay up to date with the latest threats, vulnerabilities, and trends in cloud security to update response strategies and improve detection methods

Managed Cloud Detection and Response Analyst

Wiz is looking for a Managed Cloud Detection and Response Analyst to join our ne...
Location: Australia
Salary: Not provided
Company: Wiz
Expiration Date: Until further notice
Requirements
  • 3+ years of experience in a Security Operations Center or Managed Detection and Response, specifically involving cloud environments
  • Solid knowledge in Cloud Security, with familiarity in cloud services, Kubernetes, cloud architecture, and major providers (AWS, GCP, Azure)
  • Strong analytical skills with a detail-oriented mindset, capable of assessing complex security incidents, separating false positives from true compromise, and providing actionable insights
  • Passion for continuous learning and improvement, staying up-to-date on the latest trends, threats, and best practices in cloud security
  • Willingness to work in shifts, including nights, weekends, and holidays to provide 24/7 coverage for customers
  • Excellent communication skills, both verbal and written
  • Applicants must have the legal right to work in the country where the position is based, without the need for visa sponsorship.
Job Responsibility
  • Continuously monitor customers’ cloud environments and workloads for security alerts and analyze potential cyber threats to identify and prioritize cyber security incidents
  • Triage prioritized cyber incidents and coordinate appropriate response actions to mitigate risks effectively
  • Work closely with customer teams to guide and assist with investigation and remediation of incidents
  • Create and deliver incident reports that document findings and response actions taken for customers
  • Write and implement custom detection rules and fine-tune alerts to enhance threat detection capabilities for the customer’s specific cloud environment
  • Develop and maintain cyber incident response playbooks to standardize procedures and enhance the internal methodology of the team
  • Stay up to date with the latest threats, vulnerabilities, and trends in cloud security to update response strategies and improve detection methods.
Employment type: Fulltime

Managed Cloud Detection and Response Analyst

Wiz is looking for a Managed Cloud Detection and Response Analyst to join our ne...
Location: United Kingdom, London
Salary: Not provided
Company: Wiz
Expiration Date: Until further notice
Requirements
  • 3+ years of experience in a Security Operations Center or Managed Detection and Response, specifically involving cloud environments
  • Solid knowledge in Cloud Security, with familiarity in cloud services, Kubernetes, cloud architecture, and major providers (AWS, GCP, Azure)
  • Strong analytical skills with a detail-oriented mindset, capable of assessing complex security incidents, separating false positives from true compromise, and providing actionable insights
  • Passion for continuous learning and improvement, staying up-to-date on the latest trends, threats, and best practices in cloud security
  • Willingness to work in shifts, including nights, weekends, and holidays to provide 24/7 coverage for customers
  • Excellent communication skills, both verbal and written
  • Applicants must have the legal right to work in the country where the position is based, without the need for visa sponsorship
Job Responsibility
  • Continuously monitor customers’ cloud environments and workloads for security alerts and analyze potential cyber threats to identify and prioritize cyber security incidents
  • Triage prioritized cyber incidents and coordinate appropriate response actions to mitigate risks effectively
  • Work closely with customer teams to guide and assist with investigation and remediation of incidents
  • Create and deliver incident reports that document findings and response actions taken for customers
  • Write and implement custom detection rules and fine-tune alerts to enhance threat detection capabilities for the customer’s specific cloud environment
  • Develop and maintain cyber incident response playbooks to standardize procedures and enhance the internal methodology of the team
  • Stay up to date with the latest threats, vulnerabilities, and trends in cloud security to update response strategies and improve detection methods

Associate Detection And Response (Mdr) Analyst

Rapid7’s Tactical Operations team is looking for an Associate Detection & Respon...
Location: Czechia, Prague
Salary: Not provided
Company: Rapid7
Expiration Date: Until further notice
Requirements
  • Adaptability to work a fixed shift rotation from Monday to Thursday, 11 AM - 9 PM, following a comprehensive 90-day onboarding period
  • Professional or academic experience spanning 0-2 years within technology, systems administration, or information security environments
  • Foundational knowledge of core security concepts including lateral movement, privilege escalation, persistence methods, and command and control
  • Working familiarity with Windows and Linux operating systems and their underlying security architectures
  • Creative problem-solving abilities, critical thinking capacity, and technical ingenuity when addressing complex challenges
  • Insatiable curiosity and a strong forward focus, demonstrating a passionate commitment to learning and developing your cybersecurity craft
  • Eagerness and open communication when navigating change, adapting smoothly to evolving business needs, shift structures, and group dynamics
  • Capacity to make efficient, structured choices that resolve challenges and maintain analytical momentum during high-pressure incidents
  • Clear accountability for actions and behaviors while driving outcomes that deliver genuine value for the business and our customers
  • Core Value Embodiment: Embody our core values to foster a culture of excellence that drives meaningful impact and collective success
Job Responsibility
  • Review alert data to identify malicious activity and potential security threats across diverse customer environments
  • Steer security investigations from initial alert through comprehensive evidence acquisition and root-cause analysis
  • Write technical incident reports documenting key findings, analysis methodologies, and actionable remediation recommendations for customers
  • Coordinate closely with SOC advisor colleagues to support effective communication of technical findings to the customer
  • Partner with Mid, Senior, and Lead Analysts to collaboratively solve complex challenges and share knowledge across the SOC team
  • Perform targeted investigation tasks and examine forensic artifacts during critical Remote Incident Response engagements
  • Track threat actor actions across an environment by analyzing system and forensic logs during security incidents
  • Maintain a flexible operational rhythm, working in the physical SOC two days per week (including Wednesdays) and adhering to the dedicated afternoon shift schedule
Employment type: Fulltime

Sr Incident Response Analyst

We have a 3 month contract with opportunity to extend or convert for a seasoned ...
Location: United States
Salary: Not provided
Company: Zeektek
Expiration Date: Until further notice
Requirements
  • A Bachelor's degree in a quantitative or business field (e.g., statistics, mathematics, engineering, computer science) and 4 – 6 years of related experience
  • 5+ years of Security Operations, Incident Response, and/or Digital Forensics Experience
  • Prior Incident Response Experience in a hybrid enterprise environment
  • Experienced with utilizing security tooling such as: Splunk, EDR, Tanium, etc
  • Strong understanding of cloud environments
  • SANS GIAC Security Essentials (GSEC), SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent, SANS GIAC Certified Incident Handler (GCIH) or equivalent required
  • Must be located in CST or EST
Job Responsibility
  • Reviews current configurations of the production information systems and networks against compliance standards
  • Prepares for the prevention and resolution of security breaches and ensures incident and response management processes are initiated
  • Implements and discusses security service audit schedules, reviews access authorization, and performs the required access controls testing to identify security shortfalls
  • Designs automated scripts, contingency plans, and other programmed responses which are launched when an attack against the company’s systems has been detected
  • Collaborates with Information Security Architects, Information Security Engineers, and software or hardware stakeholders
  • Notifies internal and/or external teams according to agreed alert priority levels, escalation trees, triaging of security alerts, events, and notifications
  • Ties third-party attack monitoring services and threat reporting services into internal CIRT (Cyber Incident Response Team) communications systems
  • Performs post-mortem analysis with logs, network traffic flows, and other recorded information to identify intrusions by unauthorized parties, as well as unauthorized activities of authorized users
  • Performs other duties as assigned
  • Complies with all policies and standards
What we offer
  • Weekly Direct Deposit
  • 401K Matching
  • Competitive medical, dental and vision insurance
  • Consistent communication throughout your project
  • ZeekTek Referral Program