• Monitor, analyze, and correlate security events across SIEM platforms, EDR/XDR solutions, IDS/IPS systems, Threat intelligence feeds • Investigate and validate security incidents, determine root cause • Perform deep-dive analysis of suspicious activity • Conduct incident response activities including containment, eradication, and recovery support • Develop detailed incident reports, timelines, post-incident summaries • Recommend improvements to SOC playbooks, detection rules • Perform proactive threat hunting using MITRE ATT&CK framework • Collaborate with engineering teams to tune and optimize security tools • Support dashboard creation, reporting, and SOC performance metrics • Serve as a subject matter expert (SME) interacting with stakeholders • Document SOC processes, runbooks, incident handling procedures • Coordinate with SOC teams, engineering teams, and agency stakeholders

• Protect the confidentiality, integrity, and availability of applications, services, data, and cloud infrastructure. • Identify, analyze, and mitigate vulnerabilities. • Provide support, guidance, and training to the DevOps team, application owners, and other stakeholders. • Plan, coordinate, and execute remediation efforts. • Assist in developing application security test plans. • Research, evaluate, and recommend new and existing tools and techniques. • Collaborate with threat detection and incident response teams when responding to security incidents. • Prepare documentation on vulnerability and risk analysis for security audits. • Develop and implement application security processes, including identifying weaknesses, defining security strategies, and conducting penetration tests. • Develop and implement security-related standards, policies, and procedures. • Analyze security data to identify and mitigate potential threats. • Perform internal security audits. • Conduct internal penetration tests and vulnerability assessments and develop remediation plans for findings. • Create and manage risk analysis documentation. • Manage the development of security metrics and reports. • Lead the architecture and implementation of information security best practices. • Maintain a security engineering knowledge base.

About RapDev We specialize in modern ITOM & DevOps ServiceNow delivery and implementations as well as integrations and services for Datadog. Our experienced team of SREs and DevOps engineers powerfully brings together these two ecosystems to drive better observability, availability, and deployment velocity across your organization. About the job Are you a security professional looking for a Security Operations Center role in IR? We are the leading Datadog partner and are embarking on building a security managed services offering from the ground up. This is a unique opportunity to work with cutting edge cloud security solutions and be involved in major infrastructure migration projects. This position requires you to be based in Hawaii with the working hours of Wednesday-Sunday, 5pm-1am HST. What you'll do: - Monitor security events and logs from a variety of systems and networks in Datadog - Identify potential security incidents and threats - Perform analysis and investigations, correlating events and data to detect security incidents - Develop, document, and evolve processes and procedures for responding to security incidents - Provide technical guidance, training, and support to other members of the security team - Maintain an up-to-date knowledge of security threats, vulnerabilities, and countermeasures - Work independently with customers on implementations and remote services - Troubleshoot basic configuration/script issues - Attend requirements review and validation sessions as needed - Utilize strong written and verbal communication skills - Stay on time and on task with assigned customer work Who you are: - Bachelor's degree or equivalent experience in Cyber Security or related field - SIEM experience with Splunk, SumoLogic, Datadog, or similar. - Experience with security monitoring, incident response, and threat analysis - Experience with Cloud Native Technologies - Excellent problem-solving and analytical skills - Knowledge of security best practices and standards - Excellent communication and interpersonal skills - Experience/willingness working on multiple projects simultaneously - Self-Learner and eager to understand new technologies Compensation: - Base Salary: $75,000-$95,000 annually, depending on experience Benefits - 100% Employee Healthcare Coverage (Medical, Dental & Vision) - Retirement Plan (5% 401k Match, IRA) - Unlimited Paid Time Off (4-week minimum) (Vacation, Sick & Public Holidays) - Family Leave (Maternity, Paternity) - Equity - Hybrid Work Opportunities - Fitness & Commuter Subsidies available - SL & LT Disability RapDev is an Equal Opportunity Employer. We are committed to providing equal employment opportunities to all applicants and employees without regard to race, color, religion, sex, national origin, age, disability, veteran status, or any other protected characteristic.

Role Description To make money work for everyone, we must protect our customers, our data, and our systems. You will join our Security Operations Squad to: - Detect threats - Respond to incidents - Improve our defences without disrupting the people who use our bank You will specialize in Incident Response, working alongside senior team members to: - Investigate security events from the initial alert through to recovery - Hunt for new threats and automate detection methods - Prevent alert fatigue by taking a proactive approach - Focus on analytical work of tracking and stopping advanced adversaries We invest heavily in our team, providing mentorship, resources, and time to learn and develop skills. Qualifications - Hands-on incident response experience - Experience in a Security Operations Centre (SOC) - Deep understanding of systems and networks - Experience with scripting languages (like Python or Go) - Ability to solve problems independently - Clear communication skills - Experience with cloud or detection engineering (bonus) Requirements - Investigate security events - Proactively hunt for threats - Spot real threats and fine-tune alerts - Automate repetitive work - Learn from past incidents - Track threat intelligence Benefits - Salary: £55,000 - £75,000 + Incentive Awards tied to performance - Flexible working hours - £1,000 learning budget each year - Setup for remote work with Macbooks provided - Additional support for work-from-home setup - Plus lots more!