Senior Incident Response Consultant
VA Arlington 22203
Rapid7
Level up SecOps with the only endpoint to cloud, unified cybersecurity platform. Confidently act to prevent breaches with a leading MDR partner. Request demo!Senior Incident Response Consultant
About the Team
The Rapid7 Incident Response team is considered the tip of the spear within Rapid7's Detection & Response practice. This team is primarily responsible for ensuring 24/7 breach response coverage for Rapid7's MDR and retainer customers, guaranteeing to be there for our customers in their greatest times of need. All services are delivered using Rapid7's existing portfolio of detection and response solutions, such as Rapid7 InsightIDR and Velociraptor. The experiences gained by the members of this Managed Services team directly feed into Rapid7's Product organization, improving Rapid7 products for all standalone customers as well. Our approach is hybrid first, with most of our team members spending three days a week in the office. Rapid7 is built on a culture of collaboration and teamwork designed to foster meaningful connections and trusting relationships.
About the Role
Rapid7 Incident Responders split their time between reactive breach response cases - supporting Rapid7 customers in their greatest time of need, and proactive customer engagements - delivering threat hunting and detection & response exercises with our customers’ dedicated internal security teams. Rapid7 aims to provide unparalleled work/life balance that allows talented Detection & Response experts to thrive in a reactive Incident Response setting. Incident Responders help to impact the direction of Rapid7’s Products and Services.
In this role, you will:
Deliver world-class incident response services, leading customer engagements utilizing Rapid7 technologies like InsightIDR and Velociraptor
Lead proactive threat hunting and compromise assessments of complex environments
Lead incident simulations, helping clients assess their ability to respond to major threats within their existing toolsets
Advise clients on security best practices and attack mitigation strategies using enterprise security controls
Assist in capturing and deploying knowledge of latest attacker methodologies
The skills you’ll bring include:
1-3 years of hands-on incident response experience, including leading and conducting technical incident response investigations
Experience in enterprise security and how various technologies work together for increasing threat detection and streamlining incident response including EDR, SIEM, Velociraptor, OSQuery, and other tools
Strong technical experience in three of the five areas below
Host forensics (Windows / Mac / Linux)
Network traffic analysis
Log Review
Malware triage
Cloud technologies, including AWS, Azure, and GCP
Ability to build relationships with, and understand business needs of, customers and deliver demonstrable value
Outstanding verbal and written communication skills, in particular the ability to effectively communicate investigation findings and associated mitigation and remediation actions to technical and non-technical audiences, including executive leadership and legal counsel
Proven ability to provide leadership to junior team members through job shadowing
Outstanding time management and prioritization skills
Willingness to participate in an on-call rotation that may include evening/weekend work, as required
Relevant industry certifications, such as, but not limited to: GCIA, GCIH, GDAT, GCFE, and GFCA
We know that the best ideas and solutions come from multi-dimensional teams. That’s because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don’t be shy - apply today.
About Rapid7
At Rapid7, we are on a mission to create a secure digital world for our customers, our industry, and our communities. We do this by embracing tenacity, passion, and collaboration to challenge what’s possible and drive extraordinary impact. Here, we’re building a dynamic workplace where everyone can have the career experience of a lifetime. We challenge ourselves to grow to our full potential. We learn from our missteps and celebrate our victories. We come to work every day to push boundaries in cybersecurity and keep our 10,000 global customers ahead of whatever’s next. Join us and bring your unique experiences and perspectives to tackle some of the world’s biggest security challenges.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or any other status protected by applicable national, federal, state or local law.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: AWS Azure Cloud EDR Forensics GCFE GCIA GCIH GCP Incident response Linux Malware SIEM Threat detection Windows
Perks/benefits: Career development
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.