Job Closed

This listing is no longer active.

Visa

Based in Foster City, California, Visa is a global payments technology organization. Visa was founded in 1958, coinciding with Bank of America’s launch of the

Associate Cybersecurity Analyst

Location

Brazil

Posted

74 days ago

Salary

0

Seniority

Mid Level

Associate Degree, Portuguese, English, Firewalls

Job Description

  • Monitor security events using SIEM and other security tools, performing initial triage and correlating signals across multiple sources.
  • Execute incident response activities, including detection, investigation, containment, remediation, and documentation of security incidents.
  • Analyze alerts and security anomalies to identify legitimate threats, false positives, and situations that require escalation.
  • Perform perimeter protection activities, maintaining continuous oversight of firewalls, IDS/IPS, and other boundary security technologies.
  • Conduct in-depth investigations following defined processes and playbooks, ensuring consistent and high-quality incident handling.
  • Support enhancements to security monitoring, detection logic, and Blue Team processes.
  • Collaborate with internal teams to implement improvements to policies, controls, and procedures.
  • Test and validate new tools and technologies to strengthen threat detection and response capabilities.
  • Produce clear and structured reports on incidents, findings, and remediation steps.
  • Contribute to continuous learning by staying up to date on cybersecurity trends, threat actors, and defensive techniques.

Job Requirements

  • Be based in Brazil
  • English level: B1
  • Previous experience working in a Blue Team, CSIRT, SOC, or other security area
  • Experience in incident response, alert triage, investigation, and remediation, following defined processes and playbooks
  • Experience with security monitoring / SIEM and event correlation; ability to identify false positives
  • Knowledge of log ingestion and use; data quality validation
  • Understanding of relevant fields/attributes for detection
  • Knowledge of cloud environments and networking
  • Familiarity with MITRE ATT&CK, Cyber Kill Chain, and incident response frameworks

Benefits

  • Remote work available

Related Job Pages

More Security Analyst Jobs

Full Time, Remote, Team 201-500, H1B No Sponsor

  • Analyze and validate investigations completed by the AI Agents for accuracy, completeness, and risk
  • Correlate data from various data sources including cloud, endpoint, identity, network, etc. to understand the full picture of a malicious activity
  • Investigate malicious activity that the 7AI Agents responded to and understand the complexity of the attack that was stopped including the risk that was prevented for customers
  • Use our advanced AI Agents to hunt in customer environments to detect and remediate emerging threats, ultimately contributing to detections that will be folded back into the product
  • Assist customers with ongoing threat monitoring, triage, and prioritization of security alerts as needed but especially during incidents to resolve threats and secure the environment
  • Proactively identify potential threats and anomalies in customer environments by reviewing logs and malicious findings
  • Utilize your supreme communication skills to engage with customers who vary in their level of technical depth and focus (from SOC analysts to CISOs)
  • Architect processes while we build out this elite organization to scale the operation sustainably while maintaining consistent quality
  • Collaborate with the Engineering and Product teams, providing feedback on the customer experience and assist in optimizing and tuning the AI platform
  • Stay current with emerging cybersecurity trends, vulnerabilities, and new attack techniques, especially the field of AI-driven attacks

California
$120K - $140K / year
Job Closed

Role Description

We are seeking a skilled and proactive Splunk Engineer to lead, manage, and enhance SOC operations for a UAE-based client.

  • Play a critical role in ensuring the effectiveness of our Splunk SIEM based SOC.
  • Enhance use cases and playbooks, and address incident management gaps.
  • Work with the Security Manager to improve Threat detections, improve Risk scoring and powerful case response.
  • Collaborate closely with a remote SOC team in India to meet client requirements and improve overall SOC performance and effectiveness.

Qualifications

  • 5+ years of experience in Splunk Admin operations, including at least 3 years as a Splunk Engineer or equivalent role.
  • Proficiency in Splunk Enterprise Security, including developing and maintaining use cases, dashboards, and playbooks.
  • Strong understanding of SIEM concepts, architecture, and best practices.
  • Proficiency in scripting, automation and query languages (Regex, SQL, Python, Bash etc.).
  • Familiarity with Windows, Linux, and network device log formats.
  • Basic knowledge of security frameworks such as NIST, ISO 27001, or MITRE ATT&CK.
  • Proven experience in incident management and threat analysis.
  • Hands-on expertise in security monitoring, log analysis, and threat hunting.
  • Knowledge of network security, endpoint security, and cloud security concepts and architecture.
  • Strong communication and client management skills.
  • Good troubleshooting and problem-solving attitude.
  • Able to work under pressure and manage multiple priorities.
  • Familiarity with UAE regulatory frameworks and compliance requirements (Optional, e.g. UAE IAR).

Requirements

  • Develop, optimize, and maintain Splunk use cases, dashboards, alerts, and reports to enhance SOC capabilities.
  • Design and implement effective Splunk playbooks for incident detection, response, and escalation.
  • Conduct regular health checks and performance tuning of Splunk environments.
  • Coordinate weekly with the Security Manager (Sr. Consultant), report and take directions.
  • Participate in meetings with the client IT teams and stakeholders along with the Security Manager.
  • Develop and fine-tune correlation rules, alarms, and dashboards for advanced threat detection.
  • Identify gaps in existing use cases and recommend improvements.
  • Identify gaps in current SOC operations and implement corrective actions.
  • Provide hands-on support for advanced incident analysis and forensic investigations.
  • Ensure consistent and accurate incident reporting to stakeholders.
  • Act as the primary point of contact for client escalations related to SOC operations.
  • Collaborate with the Security Manager to align SOC deliverables with client expectations.
  • Participate in regular client meetings to report on SOC performance and improvements.

Benefits

  • Education: Bachelor’s degree in Information Technology, Cybersecurity, or related field.
  • Splunk certifications (e.g., Splunk Certified Admin, Splunk Certified Power User, Splunk Certified Architect).
  • Other Cybersecurity certifications will be an added advantage (e.g., CEH, Application Security, OWASP Top 10, ISO 27001, CSA (Certified SOC analyst), Certified Incident Handler (CIH)).

India
₹15 - ₹20 / year

Security Officer

Essentia Health

Essentia Health is an integrated health system comprised of a network of clinics, hospitals, and related healthcare facilities. In past hiring, the company has

Security Analyst, 75 days ago

Title: Security Officer - 32hrs/week - Aurora
Aurora, MN
Part time

Building Location: Northern Pines Medical Center
Department: 2067590 SECURITY - NPMC HOSP

Job Description:

Eager to launch or continue your career with the region's most esteemed healthcare provider? Essentia seeks passionate individuals like you. As our Security Officer, you'll be more than an employee; you'll be a vital member of a community dedicated to providing safety to our patients and employees.

Education Qualifications:

  • No education requirements

Security Officers protect and safeguard patients, staff, other persons, assets and facilities within Essentia Health.

Key Responsibilities:

  • Patrolling the healthcare environment to deter criminal activity, identify hazards, prevent incidents and safety accidents
  • Respond to emergencies, alarms, disasters, and threatening situations with violent, dangerous or combative persons
  • Enforce medical campus rules and take action to maintain order and prevent disruption or interference with medical center operations

Schedule: 3:00pm - 11:00pm

  • Week 1: Monday, Tuesday, Thursday, Friday
  • Week 2: Tuesday, Wednesday, Saturday, Sunday

Licensure/Certification Qualifications:

Certification/Licensure Required:

  • Completion of the Basic Training for Healthcare Security Officers from the International Association of Healthcare Safety and Security within 1 year of hire and renewal is not required
  • Current Basic Cardiac Life Support (BCLS) within 3 months of hire
  • Completes de-escalation training within 5 months of hire if no previous de-escalation training or has not had a de-escalation training/refresher within past 3 calendar years

The locations listed below must meet the driving requirements and criteria acceptable to Essentia Health's insurer.

  • ST. JOSEPH'S MEDICAL CENTER - 4010-4007590 SECURITY - SJMC
  • FARGO - 3010-3017590 SECURITY - 32ND HOSP
  • DETROIT LAKES - 3110-3067590 SECURITY - DL HOSP
  • DULUTH - 2010-2047590 SECURITY - SMDC HOSP
  • DULUTH PARKING ENFORCEMENT - 2020-2009200 SMDC SURFACE LOTS - SMMC HOSP

FTE: 0.8
Possible Remote/Hybrid Option:
Shift Rotation: Day/Eve/Night Rotation (United States of America)
Shift Start Time: 3:00pm
Shift End Time: 11:00pm
Weekends: Every Other
Holidays: Yes
Call Obligation: No
Union: Union
Posting Deadline:
Compensation Range: $19.28 - $28.92

Employee Benefits at Essentia Health:

At Essentia Health, we're committed to supporting your well-being, growth, and work-life balance. Our comprehensive benefits include medical, dental, vision, life, and disability insurance, along with supplemental options to fit your needs. We offer a 401(k) plan with employer contributions to help you plan for the future, and we invest in your professional development through training, tuition reimbursement, and educational programs. To help you thrive both at work and at home, we provide flexible scheduling, generous time off, and wellness resources focused on your physical, mental, and emotional health.

Minnesota
$19 - $28 / hour

Security Analyst, Penetration Testing

Rapid7

At Rapid7, our vision is to create a secure digital world for our customers, our industry, and our communities. We do this by harnessing our collective expertise and passion to challenge what’s possible and drive extraordinary impact. We’re building a dynamic and collaborative workplace where new ideas are welcome. Protecting 11,000+ customers against bad actors and threats means we’re continuing to push the envelope - just like we’ve been doing for the past 20 years. If you’re ready to solve some of the toughest challenges in cybersecurity, we’re ready to help you take command of your career. Join us.

Security Analyst, 75 days ago
Full Time, Remote, Team 1,001-5,000, Since 2000, H1B Sponsor

As a Penetration Testing Analyst, you will work on the Global Services team to help clients improve their security posture through your technical skills and knowledge of defense strategies. You will enjoy attacking networks and hacking custom protocols implemented in embedded devices. You will also work with various Managed Services teams to help deliver day-to-day tactical reports to customers, triage alerts, address customer needs, and assist with incident response handling and communication.

About the Role

As a Penetration Testing Analyst, your primary responsibility will be to perform technical testing against a variety of targets and to help deliver day-to-day tactical reports to our customers. You will have a front-row seat to observe and learn about the ever-evolving cyber threat landscape and gain valuable experience by helping customers remediate and mitigate prevalent threats. Specifically, your focus will be to:

  • Perform technical testing against a variety of targets, including network penetration testing (internal, external, and wireless), web application and API testing, and social engineering (on-premise and electronic).
  • Consistently produce high-quality reports and peer-review colleagues' work for errors and inaccuracies.
  • Help develop and create Executive Briefings.
  • Deliver timely reports to clients and external stakeholders.
  • Translate technical concepts and convey them to non-security personnel.
  • Be capable of learning in a fast-paced environment and taking on solo engagements.
  • Participate in industry conferences and professional organizations.

The skills and qualities you'll bring include:

  • 3+ years in an active technical security role.
  • Excellent written and verbal communication skills.
  • Previous technical security consulting experience.
  • Knowledge of modern penetration testing tools and methods.
  • Strong knowledge of network, web-based application, and IEEE 802.11 security concepts.
  • Knowledge of Windows/Linux/UNIX internals and the Internet protocol suite.
  • Experience using interpreted languages (Ruby, Python, PHP, etc.) and knowledge of compiled languages (Java, C, C++, Assembly, etc.).
  • Experience with social engineering techniques and tactics.
  • A Bachelor's degree in Computer Science, MIS, CIS or a related field, or equivalent experience.
  • Certifications such as GPEN, CPTS, or OSCP.
  • The ability to ask for help.

We know that the best ideas and solutions come from multi-dimensional teams. That's because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don't be shy - apply today.

Rapid7, Inc. is committed to fair and equitable compensation practices. A candidate's salary is determined by various factors including, but not limited to, relevant work experience, skills, and certifications. We evaluate compensation decisions on a case-by-case basis, and it is not typical for an individual to be hired at the very top of the salary range. The salary range for this role in the US is: $89,300.00 - 120,800.00 USD Annual. Salary ranges may vary based on geographical location. This range does not include variable/incentive compensation, equity and benefits (where applicable/eligible).

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or any other status protected by applicable national, federal, state or local law.

United States
$89.3K - $120.8K / year
Job Closed