Job Closed
This listing is no longer active.
At Rapid7, our vision is to create a secure digital world for our customers, our industry, and our communities. We do this by harnessing our collective expertise and passion to challenge what’s possible and drive extraordinary impact. We’re building a dynamic and collaborative workplace where new ideas are welcome. Protecting 11,000+ customers against bad actors and threats means we’re continuing to push the envelope - just like we’ve been doing for the past 20 years. If you’re ready to solve some of the toughest challenges in cybersecurity, we’re ready to help you take command of your career. Join us.
Security Operations Analyst
Location
United States
Posted
70 days ago
Salary
$81.5K - $110.3K / year
Seniority
Junior
Job Description
Security Operations Analyst
Rapid7
• Review alert data to pinpoint malicious activity within Rapid7 environment. • Lead and drive investigations spanning the entire lifecycle from evidence collection to identifying malicious activity. • Create Incident Reports documenting technical analysis, findings, and remediation steps. • Conduct proactive threat identification through threat hunting activities. • Assist in tracking threat actor movements during security incident investigations.
Job Requirements
- 1-3 years of experience within cyber security operations
- Strong problem-solving ability, critical thinking skills, and ingenuity.
- A passion for cybersecurity, coupled with a keen curiosity and eagerness to learn.
- Required familiarity with MacOS, Windows, and/or Linux operating systems.
- Essential experience using Security Information and Event Management (SIEM) tools, such as the Rapid7 command platform or Splunk, or comparable platforms.
- Experience in common Security Operations Center (SOC) functions, including but not limited to, incident response, threat hunting, detection engineering, malware analysis, or forensic investigations (network and endpoint).
- The aptitude to identify areas for process improvement and successfully implement solutions.
Benefits
- Health insurance
- Retirement plans
- Paid time off
- Flexible work arrangements
- Professional development opportunities
Related Guides
Related Categories
Related Job Pages
More Security Operations Jobs
• Design, implement, and continuously improve detection rules across SIEM, EDR, and cloud security platforms • Develop automated response playbooks to reduce mean time to detect (MTTD) and respond (MTTR) • Leverage GenAI tools to accelerate log analysis and threat triage • Summarize and enrich security alerts and incident data • Generate detection logic (e.g., Sigma rules, queries, scripts) • Assist in root cause analysis and investigation workflows • Integrate GenAI into SOC workflows via APIs and internal tooling • Enhance detection pipelines using AI-assisted enrichment and correlation • Analyze logs across endpoints, cloud environments, SaaS platforms, and networks
Role Description American Express is seeking a highly experienced and driven Senior Manager to lead its Incident Response team on the night shift (3:00 PM – 11:00 PM PHX). - This senior leadership role demands a balance of strong people leadership and deep technical expertise across the full incident response lifecycle—from preparedness and active investigations to post-incident review. - As the primary escalation point for the night shift, you will serve as the most senior technical authority. - Guide complex investigations, conduct in-depth analysis, identify attacker tactics, techniques, and procedures (TTPs), and develop comprehensive attack narratives. - Lead and coordinate response actions while ensuring alignment with enterprise security objectives. - Strengthen team capabilities across people, process, and technology, enabling the investigation and mitigation of sophisticated threats. - Success in this position depends on critical thinking, sound judgment, innovative problem-solving, and clear, effective communication across both technical and executive audiences. Qualifications - Strong people leadership skills. - Deep technical expertise in incident response. - Experience with complex investigations and analysis. - Ability to identify attacker tactics, techniques, and procedures (TTPs). - Proven track record in developing comprehensive attack narratives. - Strong communication skills for both technical and executive audiences. Requirements - Experience leading incident response teams. - Proficiency in managing the full incident response lifecycle. - Ability to work night shift (3:00 PM – 11:00 PM PHX). - Strong problem-solving skills. - Ability to foster a culture of passion, curiosity, and courage. Benefits - Opportunity to work with talented tech teams. - Access to the latest technologies. - Commitment to back the broader engineering community through open source. - Support for personal and professional growth.
Title: Manager, Security Operations (Sentinel) Country: United States Cities: Atlanta This position is open to candidates in most major US cities; Approved locations are listed on this requisition. Candidates are welcome to work remotely or out of one of our regional offices. Travel is required. Avanade’s Security Practice supports clients in protecting, detecting, and responding to cyber threats using Microsoft’s security ecosystem. This role sits within Security Operations and focuses on delivering managed and co-managed security monitoring, detection engineering, incident response, and continuous improvement using Microsoft Sentinel as the primary SIEM and SOAR platform. The role operates in a client-facing, delivery-focused environment and collaborates closely with client security teams, Avanade delivery teams, and Microsoft partners. Role Overview The Security Operations Manager is responsible for delivering security monitoring and incident response services using Microsoft Sentinel, helping clients detect, investigate, and respond to security threats in hybrid and cloud environments. This role contributes to the design, implementation, tuning, and ongoing operation of Sentinel-based security solutions and supports clients in improving their security posture and operational maturity. The role operates in a matrixed delivery environment, working directly with clients, internal security architects, and Microsoft-aligned teams. As a client-facing role, this position is expected to demonstrate Avanade’s values, professional consulting behaviors, and a strong focus on quality and outcomes. Qualifications Education, Certifications and Experience • Bachelor’s degree in a relevant field or equivalent professional experience & certifications • 7+ years cybersecurity experience with hands-on delivery and leading workstreams & delivery teams • 2+ years consulting experience • Microsoft Security Certifications Knowledge, Skills, and Abilities Experience delivering security solutions across one or more domains: • Cyber Defense / SOC / XDR • Identity & Access Management • Data Protection & Compliance • Cloud & Infrastructure Security Proven ability to: • Lead delivery teams • Manage client expectations • Contribute to pre sales or solution shaping Strong familiarity with: • Microsoft 365 Security • Azure security services • Zero Trust principles Compensation at Avanade varies depending on a wide array of factors, which may include but are not limited to the specific office location, role, skill set, and level of experience. As required by local law, Avanade provides a reasonable range of compensation for roles that may be hired as set forth below. Avanade offers a market competitive suite of benefits including medical, dental, vision, life, and long-term disability coverage, a 401(k) plan, bonus opportunities, paid holidays, and paid time off. Role Location Annual Salary Range California $150,400 to $178,600 Cleveland $139,200 to $165,300 Colorado $139,200 to $165,300 District of Columbia $155,200 to $184,300 Illinois $150,400 to $178,600 Maryland $155,200 to $184,300 Massachusetts $155,200 to $184,300 Minnesota $150,400 to $178,600 New York $164,800 to $195,700 New Jersey $150,400 to $178,600 Washington $155,200 to $184,300 Additional Information Equal Employment Opportunity Statement All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law. Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process.
Security Operations Manager
ECS Tech IncAll candidates must meet the following criteria: Must be a US Citizen, no dual Citizenships. Must be able to secure a Public trust clearance. Must be able to work across multiple programs across the Federal and DOD space. The core values that ECS looks for in an engagement manager include: Teamwork, Respect, Accountability, Integrity, and Leadership.
Role Description Everforth ECS is seeking a Security Operations Manager to work remotely. This position is contingent upon contract award. The Security Operations Manager will be the single POC providing ongoing status and progress to the NIAID CO and COR. In this role, you will be responsible for: - Cybersecurity incident resolution, including investigation and response to minimize the impact or likelihood of incidents. - Monitoring of NIAID systems and components to detect potential threats. - Project management and engineering support for the improvement and automation of security operations tools and processes. - Project support for improving and automating security operations capabilities, including: - Developing solutions and options for project milestones. - Developing project plans in a task and completion tracking tool such as Jira. - Reporting on progress in real-time using an IT Service Management tool such as ServiceNow. - Responding to and resolving security and privacy incidents and coordinating with the NIH Threat Management and Incident Response (TMIR) team and privacy coordinators according to NIH or Federal format and timelines. - Advising and assisting with SOC architecture activities for all SOC information systems initiatives supporting all SOC tools and capabilities. Salary Range: $150,000 - $190,000 Qualifications - Bachelor's degree in Cybersecurity, Computer Science, or related field. - Active Public Trust or higher security clearance. - Minimum of 10 years of experience in cybersecurity; 15 years’ experience preferred. - 8+ years’ experience leading and delivering in security operations programs and incident management for comparably sized federal agencies and security programs. - Shall have at least one of the following industry-recognized certifications: - Certified Information System Security Professional (CISSP) - Global Information Assurance Certification (GIAC) - Certified Enterprise Defender (GCED) - GIAC Certified Incident Handler (GCIH) - Certified Network Defender (CND) - Systems Security Certified Practitioner (SSCP) - Proven ability to understand threats, evaluate the impact of potential incidents, and recommend risk reduction techniques. - Demonstrated expertise in analyzing and providing clear and concise risk reports, dashboards, and other visualizations to federal risk executives, system operators, and system stakeholders. - Knowledge of and experience overseeing the administration and configuration of security tools. - Experience with enterprise-wide penetration testing remediation to comply with agency remediation standards. - Documented experience in monitoring an enterprise-wide environment for potential security incidents. - Experience in establishing and enhancing security operations capabilities and proactively identifying potential risks. - Experience in setting up, administering, and enhancing cybersecurity tools and security operations processes. - Knowledge of different operational threat environments and incident categories. - Reside within the Washington DC Metro area. - Travel within the Washington DC Metro Area, and CONUS as needed. Requirements - Cybersecurity incident resolution. - Monitoring of systems for potential threats. - Project management and engineering support. - Coordination with NIH TMIR team and privacy coordinators. - Advising on SOC architecture activities. Benefits - General Description of Benefits




