• Plan, lead, and execute high-impact offensive cyber operations, including penetration tests and red team operations • Continuously evolve offensive security capabilities and operations • Partner closely with cybersecurity and business teams to maximize defensive outcomes • Clearly communicate complex technical findings, impact, and recommendations

• administer and engineer improvements to enterprise security telemetry and detection platforms—including Splunk Cloud, Cribl Cloud, CrowdStrike Falcon, and Tines • implement secure by default telemetry patterns and logging standards across operating systems, cloud, and network data sources • design, build, and maintain Cribl Cloud pipelines for secure, cost managed, and high throughput log routing • engineer Splunk Cloud content with an emphasis on signal quality, performance, and SLO/KPI driven cost control • define and maintain role-based access controls (RBAC) • contribute to integration and automation across SOC tooling and enterprise systems • participate in incident response by developing targeted searches, conducting log analysis, and identifying root causes

Job Description We are seeking someone with a passion for cyber security to join our team. As a Security Operations Analyst with Rapid7 you will work with a combination of tools and Rapid7's command platform to investigate and triage security events. Working with Rapid7's Global Security Operations team is an ideal opportunity to gain a deep understanding of threat detection and response. As part of this team you will be in the best position to develop the skills needed to build a career in cyber security. About the Team Our Information security team is tasked with enhancing our security posture and elevating customer confidence in Rapid7 products and services. Together, we lead the effective delivery of business outcomes, and program maturation through standardization and iterative improvement. As part of our team, you'll work with highly engaged and capable colleagues to build and implement complex, cross-functional initiatives that secure our business, our employees, and our customers. About the Role As a Security Operations Analyst, your core daily function will be the review of alert data to pinpoint malicious activity within the Rapid7 environment. You will have the authority to lead and drive these investigations, which span the entire lifecycle from evidence collection and analysis to determining the initial intrusion vector and identifying all associated malicious or unexpected activity. A critical output of your investigation will be the creation of an Incident Report, documenting your technical analysis, findings, and recommended remediation steps. You will operate within a supportive team environment, with fellow analysts, including Senior and Lead Analysts, available for consultation and assistance whenever you encounter challenges or have questions. A Security Operations Analyst is also involved in proactive threat identification through rotational threat hunting activities, which aim to uncover unknown threats within the Rapid7 environment. Furthermore, in the event of a security incident escalating to a formal Incident Response engagement, the Analyst may be assigned investigation duties. These duties primarily involve assisting the team in tracking threat actor movements across the environment by meticulously analyzing forensic artifacts. In this role, you will: - Contribute to a global Security Operations team. - Provide high-quality threat detection services. - Lead or support incident response investigations for Rapid7. - Help document and implement knowledge of current attack methodologies. - Conduct research to enhance threat detection capabilities and reinforce brand reputation. - Offer ongoing feedback to Rapid7's product development teams. The skills you'll bring include: - 1-3 years of experience within cyber security operations - Strong problem-solving ability, critical thinking skills, and ingenuity. - A passion for cybersecurity, coupled with a keen curiosity and eagerness to learn. - Required familiarity with MacOS, Windows, and/or Linux operating systems. - Essential experience using Security Information and Event Management (SIEM) tools, such as the Rapid7 command platform or Splunk, or comparable platforms. - Experience in common Security Operations Center (SOC) functions, including but not limited to, incident response, threat hunting, detection engineering, malware analysis, or forensic investigations (network and endpoint). - The aptitude to identify areas for process improvement and successfully implement solutions. We know that the best ideas and solutions come from multi-dimensional teams. That's because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don't be shy - apply today. #LI-TD1 About Rapid7 At Rapid7, our vision is to create a secure digital world for our customers, our industry, and our communities. We do this by harnessing our collective expertise and passion to challenge what's possible and drive extraordinary impact. We're building a dynamic and collaborative workplace where new ideas are welcome. Protecting 11,000+ customers against bad actors and threats means we're continuing to push the envelope just like we' ve been doing for the past 20 years. If you 're ready to solve some of the toughest challenges in cybersecurity, we're ready to help you take command of your career. Join us. Rapid7, Inc. is committed to fair and equitable compensation practices. A candidate's salary is determined by various factors including, but not limited to, relevant work experience, skills, and certifications. We evaluate compensation decisions on a case-by-case basis, and it is not typical for an individual to be hired at the very top of the salary range. The salary range for this role in the US is: $81,500.00 - 110,300.00 USD Annual Salary ranges may vary based on geographical location. This range does not include variable/incentive compensation, equity and benefits (where applicable/eligible). All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or any other status protected by applicable national, federal, state or local law.

Role Description Delinea’s Cybersecurity organization is seeking a skilled Security Operations analyst with experience working within a distributed security operation center. This role will be engaged in actively enhancing the security monitoring of Delinea systems, while responding to security alerts and incidents. The successful candidate will be able to adeptly identify, investigate, and prioritize security events of diverse systems to protect Delinea. This position will report to the Security Operations Manager and will work remotely based in the Philippines with working hours from 9 AM to 5 PM Manila Time. There will be a requirement to shift working hours twice a month to attend team meetings. What You’ll Do - Monitor Delinea security platforms to identify, investigate, and respond to security events. - Lead cross-functional response coordination for security incidents. - Develop, design, and implement security operations enhancements to reduce risk. - Work with other business areas to enhance security and provide security awareness. - Research, evaluate, and implement security products and services as directed by security management. Qualifications - 3+ years of hands-on experience in a Security Operations (SOC) role. - Demonstrated working experience at the enterprise level with security information and event management, endpoint detection and response, network detection and response, vulnerability management, threat intelligence, security awareness, data loss prevention, firewalls, and email security. - Experience developing security alerts from logs and events to identify anomalies. - Experience responding to security incidents to mitigate risk. - Strong customer service and ability to explain complex technical subjects to internal customers. - Proficient in spoken and written English. Requirements - Security and/or technical industry certifications (ISC2, GIAC, EC-Council, ISACA, CompTIA, Cisco, Microsoft). - Experience with digital forensic, privileged access management, and penetration testing tools. - Experience with developing security awareness activities, procedures. - Experience working within common regulatory and statutory requirements (GDPR, CCPA, SOC2, ISO 27001, NIST). Benefits - Competitive salaries. - Meaningful bonus program. - Excellent benefits, including healthcare insurance. - Pension/retirement matching. - Comprehensive life insurance. - Employee assistance program. - Time off plans. - Paid company holidays.