• Monitor and defend network perimeter interfaces against malicious traffic. • Analyze inbound and outbound network traffic for anomalies and threats. • Perform real-time security event analysis using SIEM and other advanced security tools. • Correlate and triage security alerts and indicators generated by monitoring systems. • Investigate and respond to suspected phishing emails and related incidents. • Manage and resolve cybersecurity-related requests received via phone, email, or internal ticketing systems promptly and accurately. • Execute routine assignments and projects while applying deep knowledge of security operations. • Identify and recommend process improvements to enhance efficiency and quality within the SOC. • Ensure availability and proper functioning of security technologies, including IDS/IPS, Web Application Firewalls, DLP, syslog servers, and vulnerability scanners. • Stay current on emerging cybersecurity trends and technologies; assess their impact and collaborate with leadership to integrate improvements into security operations. • Support organizational and departmental initiatives by promoting best practices and contributing to change management efforts.

• Monitor, analyze, and correlate security events across SIEM platforms, EDR/XDR solutions, IDS/IPS systems, Threat intelligence feeds • Investigate and validate security incidents, determine root cause • Perform deep-dive analysis of suspicious activity • Conduct incident response activities including containment, eradication, and recovery support • Develop detailed incident reports, timelines, post-incident summaries • Recommend improvements to SOC playbooks, detection rules • Perform proactive threat hunting using MITRE ATT&CK framework • Collaborate with engineering teams to tune and optimize security tools • Support dashboard creation, reporting, and SOC performance metrics • Serve as a subject matter expert (SME) interacting with stakeholders • Document SOC processes, runbooks, incident handling procedures • Coordinate with SOC teams, engineering teams, and agency stakeholders

• Protect the confidentiality, integrity, and availability of applications, services, data, and cloud infrastructure. • Identify, analyze, and mitigate vulnerabilities. • Provide support, guidance, and training to the DevOps team, application owners, and other stakeholders. • Plan, coordinate, and execute remediation efforts. • Assist in developing application security test plans. • Research, evaluate, and recommend new and existing tools and techniques. • Collaborate with threat detection and incident response teams when responding to security incidents. • Prepare documentation on vulnerability and risk analysis for security audits. • Develop and implement application security processes, including identifying weaknesses, defining security strategies, and conducting penetration tests. • Develop and implement security-related standards, policies, and procedures. • Analyze security data to identify and mitigate potential threats. • Perform internal security audits. • Conduct internal penetration tests and vulnerability assessments and develop remediation plans for findings. • Create and manage risk analysis documentation. • Manage the development of security metrics and reports. • Lead the architecture and implementation of information security best practices. • Maintain a security engineering knowledge base.

About RapDev We specialize in modern ITOM & DevOps ServiceNow delivery and implementations as well as integrations and services for Datadog. Our experienced team of SREs and DevOps engineers powerfully brings together these two ecosystems to drive better observability, availability, and deployment velocity across your organization. About the job Are you a security professional looking for a Security Operations Center role in IR? We are the leading Datadog partner and are embarking on building a security managed services offering from the ground up. This is a unique opportunity to work with cutting edge cloud security solutions and be involved in major infrastructure migration projects. This position requires you to be based in Hawaii with the working hours of Wednesday-Sunday, 5pm-1am HST. What you'll do: - Monitor security events and logs from a variety of systems and networks in Datadog - Identify potential security incidents and threats - Perform analysis and investigations, correlating events and data to detect security incidents - Develop, document, and evolve processes and procedures for responding to security incidents - Provide technical guidance, training, and support to other members of the security team - Maintain an up-to-date knowledge of security threats, vulnerabilities, and countermeasures - Work independently with customers on implementations and remote services - Troubleshoot basic configuration/script issues - Attend requirements review and validation sessions as needed - Utilize strong written and verbal communication skills - Stay on time and on task with assigned customer work Who you are: - Bachelor's degree or equivalent experience in Cyber Security or related field - SIEM experience with Splunk, SumoLogic, Datadog, or similar. - Experience with security monitoring, incident response, and threat analysis - Experience with Cloud Native Technologies - Excellent problem-solving and analytical skills - Knowledge of security best practices and standards - Excellent communication and interpersonal skills - Experience/willingness working on multiple projects simultaneously - Self-Learner and eager to understand new technologies Compensation: - Base Salary: $75,000-$95,000 annually, depending on experience Benefits - 100% Employee Healthcare Coverage (Medical, Dental & Vision) - Retirement Plan (5% 401k Match, IRA) - Unlimited Paid Time Off (4-week minimum) (Vacation, Sick & Public Holidays) - Family Leave (Maternity, Paternity) - Equity - Hybrid Work Opportunities - Fitness & Commuter Subsidies available - SL & LT Disability RapDev is an Equal Opportunity Employer. We are committed to providing equal employment opportunities to all applicants and employees without regard to race, color, religion, sex, national origin, age, disability, veteran status, or any other protected characteristic.