Job Closed

This listing is no longer active.

Kontoor Brands, Inc.

A global apparel company with a portfolio led by two of the world’s most iconic consumer brands: Wrangler® and Lee®.

Cyber Incident Handler

Incident Response Analyst | Security Analyst | Full Time | Remote | Mid Level | Team 10,001+ | Since 2019 | H1B No Sponsor

Location: United States

Posted: 16 days ago

Salary: 0

Seniority: Mid Level

Job Description

Role Description

Reporting to the Manager of Cyber Defense, the Cyber Incident Handler will be a highly technical individual who will, along with internal and external partners, drive the monitoring, detection and incident management capabilities within Kontoor’s Global Information Security organization. This position will heavily influence the implementation of a forward-thinking cyber defense program, including next-generation cloud-based monitoring solutions and the development of threat hunting capabilities within that platform. The Cyber Incident Handler must be comfortable working in a fast-paced, collaborative, entrepreneurial environment. The person in this role must be comfortable working with ambiguity and demonstrate outstanding communication skills.

Responsibilities

- Provide Tier 2 support for escalations from an MDR service
- Drive improvements to event analysis operations and security automation
- Develop threat hunting capabilities and new Use Cases for implementation in the SIEM
- Review and take a proactive approach to false positives and work with the various Security teams to tune and provide feedback to improve accuracy of the alerts
- Lead small to medium size projects as directed by management

Qualifications

- Intern or similar entry level experience in an IT role desired
- Security certification/accreditation from Offensive Security, ISC2 (CISSP), and/or GIAC are highly desired
- Bachelor’s degree in computer science, information systems, computer engineering, electrical engineering, system analysis or related field of study, or equivalent experience

Requirements

- Exceptional interpersonal skills, including teamwork, facilitation, and negotiation
- Excellent written, verbal, communication, and presentation skills

Leadership Competencies Expected for this Role

- Foundational Leader
- Global Agility – Be open and adapt quickly when things change
- Purposeful Integrity – Do the right thing, even when no one is watching
- Strategic Foresight – Think ahead and plan for what’s coming
- Customer Centric Innovation – Find better ways to serve our customers
- Urgency for Impact – Act fast and get results that matter
- Bold Accountability – Take ownership of your work and results
- Empowered Collaboration – Work well with others to get things done

Benefits

- Comprehensive benefit package to fit your lifestyle
- Competitive benefits program that provides choice and flexibility
- Resources to support your physical, emotional, social, and financial wellbeing
- Discounts on our apparel
- Four weeks of Paid Parental Leave to eligible employees who are new parents
- Flexible Fridays
- Tuition Reimbursement

Company Description

Kontoor Brands is a portfolio of three of the world’s most iconic lifestyle, outdoor and workwear brands: Wrangler®, Lee® and Helly Hansen®. Kontoor Brands is a purpose-led organization focused on leveraging its global platform, strategic sourcing model and best-in-class supply chain to drive brand growth and deliver long-term value for its stakeholders.

Related Job Pages

More Incident Response Analyst Jobs

Senior Cyber Incident Response Engineer

NBCUniversal

Here you can create the extraordinary. Join us.

Full Time | Remote | Team 10,001+ | Since 2004 | H1B Sponsor

• Design, build, and improve automated evidence collection capabilities that increase the speed, consistency, and completeness of incident investigations.
• Create and maintain SOAR playbooks that orchestrate investigation, enrichment, containment, notification, and recovery workflows.
• Integrate SIEM, EDR, IAM, cloud, email, case management, and threat intelligence platforms to enable unified response actions and stronger analyst context.
• Develop and deploy response tooling that may utilize AI to improve response capabilities across cloud, endpoint, identity, SaaS, email, and data platforms.
• Develop scripts, tools, and integrations that support triage, containment, enrichment, forensic collection, and operational response workflows.
• Ensure responders have the logs, telemetry, access, and tooling needed to investigate and respond without unnecessary delay.
• Build dashboards, operational views, and incident metrics that measure response performance, workflow health, and process effectiveness.
• Identify repeated manual analyst tasks and turn them into safe, scalable, and repeatable automation.
• Review incident response plans, identify readiness gaps, and help develop practical strategies to improve preparedness.
• Design and optimize incident response playbooks aligned to relevant threats, operating models, and business needs to allow for quick identification and response to potential incidents.
• Collaborate with Response Operations and Automation team stakeholders for prioritization, automation creation, and integrations with security tooling.
• Facilitate or support tabletop exercises, drills, and readiness activities to validate plans and improve operational performance.
• Lead or support complex investigations involving host, network, identity, email, and cloud artifacts to determine nature, scope, and root cause.
• Partner with cross-functional teams to guide containment, remediation, recovery, and post-incident improvement activities.
• Brief technical teams and leadership on findings, risks, recommendations, and response decisions during and after incidents.
• Contribute to incident response standards, methodologies, documentation, and internal knowledge sharing.
• Participate in an incident response on-call rotation, including weekend coverage, as required.

New York
$140K - $175K / year
Job Closed

Fire Department Incident Response Expert

Honeywell

Honeywell is an award-winning Fortune 100 company that aims to make the world a more sustainable, cleaner, secure, productive, and connected place with the help of its innovative t

Role Description

As a Fire Emergency Services Success Expert here at Honeywell, you will be instrumental in ensuring the success of our fire emergency services solutions. You will have the opportunity to work closely with customers to provide expert guidance and support, ensuring that their fire safety systems are effectively implemented and maintained. Your expertise will be critical in driving customer satisfaction and enhancing the overall performance of our fire emergency services. In this role, you will work remotely in the US. You will impact the safety and security of our customers' facilities by providing exceptional support and solutions that meet their fire safety needs. Your commitment to excellence will help ensure that our customers can rely on our systems for their safety and compliance requirements.

Qualifications

- Expertise in fire emergency services solutions
- Strong customer support and guidance skills
- Ability to ensure effective implementation and maintenance of fire safety systems
- Commitment to customer satisfaction and safety compliance

Requirements

- Remote work capability in the US

Benefits

- Opportunity to work with a trusted partner in automation and safety
- Access to innovative solutions and technologies

Company Description

Honeywell helps organizations solve the world's most complex challenges in automation, the future of aviation and energy transition. As a trusted partner, we provide actionable solutions and innovation through our Aerospace Technologies, Building Automation, Energy and Sustainability Solutions, and Industrial Automation business segments – powered by our Honeywell Forge software – that help make the world smarter, safer and more sustainable.

United States
$120K - $160K / year

Associate Detection and Response (MDR) Analyst

Rapid7

At Rapid7, our vision is to create a secure digital world for our customers, our industry, and our communities. We do this by harnessing our collective expertise and passion to challenge what’s possible and drive extraordinary impact. We’re building a dynamic and collaborative workplace where new ideas are welcome. Protecting 11,000+ customers against bad actors and threats means we’re continuing to push the envelope - just like we’ve been doing for the past 20 years. If you’re ready to solve some of the toughest challenges in cybersecurity, we’re ready to help you take command of your career. Join us.

Full Time | Remote | Team 1,001-5,000 | Since 2000 | H1B Sponsor

Rapid7's Tactical Operations team is looking for an Associate Detection & Response Analyst to tackle time-critical security investigations and safeguard our global customers. This foundational role empowers you to hunt down malicious behavior, steer end-to-end incident analyses, and collaborate with a world-class team of analysts to stay ahead of the security curve. If you are a curious, driven problem-solver eager to launch your career in cybersecurity, this is your opportunity to make a collective impact from day one.

About the Team

The Tactical Operations team (TACOPS) handles the most time-critical tasks for all customers, executing the investigation and triage of high-priority security alerts using our cloud-hosted SIEM, InsightIDR. This collaborative team drives business and customer outcomes by combining individual technical skills with collective knowledge to identify threats and deliver robust remediation recommendations.

About the Role

As an Associate Detection & Response (MDR) Analyst, your primary responsibility will be to investigate and triage high-priority security alerts to identify malicious activity in customer environments. Specifically, your focus will be to:

- Review alert data to identify malicious activity and potential security threats across diverse customer environments
- Steer security investigations from initial alert through comprehensive evidence acquisition and root-cause analysis
- Write technical incident reports documenting key findings, analysis methodologies, and actionable remediation recommendations for customers
- Coordinate closely with SOC advisor colleagues to support effective communication of technical findings to the customer
- Partner with Mid, Senior, and Lead Analysts to collaboratively solve complex challenges and share knowledge across the SOC team
- Perform targeted investigation tasks and examine forensic artifacts during critical Remote Incident Response engagements
- Track threat actor actions across an environment by analyzing system and forensic logs during security incidents
- Maintain a flexible operational rhythm, working in the physical SOC two days per week (including Wednesdays) and adhering to the dedicated afternoon shift schedule

The skills and qualities you'll bring include:

- Adaptability to work a fixed shift rotation from Monday to Thursday, 11 AM - 9 PM, following a comprehensive 90-day onboarding period.
- Professional or academic experience spanning 0-2 years within technology, systems administration, or information security environments
- Foundational knowledge of core security concepts including lateral movement, privilege escalation, persistence methods, and command and control
- Working familiarity with Windows and Linux operating systems and their underlying security architectures
- Training in red team/blue team learning tools such as HackTheBox, TryHackMe, and LetsDefend and/or participation in CTF events is a plus
- Scripting/coding ability and/or Security Certifications (GFACT, GSEC, GCIA, GCIH, CySA+, CASP+, Security+, etc.) is a plus
- Creative problem-solving abilities, critical thinking capacity, and technical ingenuity when addressing complex challenges
- Insatiable curiosity and a strong forward focus, demonstrating a passionate commitment to learning and developing your cybersecurity craft
- Eagerness and open communication when navigating change, adapting smoothly to evolving business needs, shift structures, and group dynamics
- Capacity to make efficient, structured choices that resolve challenges and maintain analytical momentum during high-pressure incidents
- Clear accountability for actions and behaviors while driving outcomes that deliver genuine value for the business and our customers
- Core Value Embodiment: Embody our core values to foster a culture of excellence that drives meaningful impact and collective success

We know that the best ideas and solutions come from multi-dimensional teams. That's because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don't be shy - apply today.

About Rapid7

At Rapid7, our vision is to create a secure digital world for our customers, our industry, and our communities. We do this by harnessing our collective expertise and passion to challenge what's possible and drive extraordinary impact. We're building a dynamic and collaborative workplace where new ideas are welcome. Protecting 11,500+ customers against bad actors and threats means we're continuing to push the envelope just like we've been doing for the past 20 years. If you're ready to solve some of the toughest challenges in cybersecurity, we're ready to help you take command of your career. Join us.

Czechia
Job Closed

Incident Response Lead

TEKsystems

We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia.

Contract | Remote | Team 10,001 | H1B No Sponsor

Role Description

The Incident Response, Lead will work with IT stakeholders across the Health Care System to develop policies, procedures, and risk management activities that will efficiently contain and/or minimize the impact of business interruption due to disasters and/or information systems not being available. This role carries 24/7 on-call rotation responsibilities and active incident command expectations during major and critical events.

- Perform risk and triage analysis to develop incident response plans and runbooks for the most likely and highly impactful disasters.
- Assist IT and business stakeholders in testing incident response plans by developing downtime scenarios, tabletops, and other exercises.

Qualifications

- BS/BA degree in Information Technology, Business Administration, Risk Management, or a related field required. In lieu of the BS/BA degree, may accept a high school diploma and 7 years of experience.
- 4+ years' experience in incident response management or a related field required.
- Strong knowledge of industry standards and frameworks such as ISO 22301 or NIST SP 800-34.
- Strong understanding of project management principles and data technologies, expert-level knowledge of IT Service Management principles, best practices, and frameworks such as ITIL.
- Expert-level knowledge of IT Service Management principles, frameworks, and best practices (ITIL) preferred.
- Expert-level ServiceNow experience — incident workflows, ticket quality, auditing, and reporting preferred.
- Proven ability to lead live incident response under pressure.
- On-call availability; experience in 24/7 rotation environments.
- Strong understanding of project management principles and data technologies preferred.

Requirements

- Experience in healthcare IT environments preferred.
- ITIL 4 Foundation certification or higher preferred.
- Hands-on experience building or facilitating DR tabletop exercises preferred.
- Experience building or auditing runbook libraries preferred.
- Familiarity with clinical system availability requirements preferred.
- Strong executive communication and reporting skills preferred.

Benefits

- Medical, dental & vision.
- Critical Illness, Accident, and Hospital.
- 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available.
- Life Insurance (Voluntary Life & AD&D for the employee and dependents).
- Short and long-term disability.
- Health Spending Account (HSA).
- Transportation benefits.
- Employee Assistance Program.
- Time Off/Leave (PTO, Vacation or Sick Leave).

Job Type & Location

This is a Contract position based out of Fort Worth, TX. Fully remote but MUST SIT IN TEXAS.

Pay and Benefits

The pay range for this position is $53.00 - $82.00/hr. Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms.

Application Deadline

This position is anticipated to close on Jun 12, 2026.

United States
$53 - $82 / hour
Job Closed