Associate Detection & Response Analyst

Rapid7's Tactical Operations team is looking for an Associate Detection & Response Analyst to tackle time-critical security investigations and safeguard our global customers. This foundational role empowers you to hunt down malicious behavior, steer end-to-end incident analyses, and collaborate with a world-class team of analysts to stay ahead of the security curve. If you are a curious, driven problem-solver eager to launch your career in cybersecurity, this is your opportunity to make a collective impact from day one. About the Team The Tactical Operations team (TACOPS) handles the most time-critical tasks for all customers, executing the investigation and triage of high-priority security alerts using our cloud-hosted SIEM, InsightIDR. This collaborative team drives business and customer outcomes by combining individual technical skills with collective knowledge to identify threats and deliver robust remediation recommendations. About the Role As an Associate Detection & Response (MDR) Analyst, your primary responsibility will be to investigate and triage high-priority security alerts to identify malicious activity in customer environments. Specifically, your focus will be to: Review alert data to identify malicious activity and potential security threats across diverse customer environments Steer security investigations from initial alert through comprehensive evidence acquisition and root-cause analysis Write technical incident reports documenting key findings, analysis methodologies, and actionable remediation recommendations for customers Coordinate closely with SOC advisor colleagues to support effective communication of technical findings to the customer Partner with Mid, Senior, and Lead Analysts to collaboratively solve complex challenges and share knowledge across the SOC team Perform targeted investigation tasks and examine forensic artifacts during critical Remote Incident Response engagements Track threat actor actions across an environment by analyzing system and forensic logs during security incidents Maintain a flexible operational rhythm, working in the physical SOC two days per week (including Wednesdays) and adhering to the dedicated afternoon shift schedule The skills and qualities you'll bring include: Adaptability to work a fixed shift rotation from Monday to Thursday, 11 AM - 9 PM, following a comprehensive 90-day onboarding period. Professional or academic experience spanning 0-2 years within technology, systems administration, or information security environments Foundational knowledge of core security concepts including lateral movement, privilege escalation, persistence methods, and command and control Working familiarity with Windows and Linux operating systems and their underlying security architectures Training in red team/blue team learning tools such as HackTheBox, TryHackMe, and LetsDefend and/or participation in CTF events is a plus Scripting/coding ability and/or Security Certifications (GFACT, GSEC, GCIA, GCIH, CySA+, CASP+, Security+, etc.) is a plus Creative problem-solving abilities, critical thinking capacity, and technical ingenuity when addressing complex challenges Insatiable curiosity and a strong forward focus, demonstrating a passionate commitment to learning and developing your cybersecurity craft Eagerness and open communication when navigating change, adapting smoothly to evolving business needs, shift structures, and group dynamics Capacity to make efficient, structured choices that resolve challenges and maintain analytical momentum during high-pressure incidents Clear accountability for actions and behaviors while driving outcomes that deliver genuine value for the business and our customers Core Value Embodiment: Embody our core values to foster a culture of excellence that drives meaningful impact and collective success We know that the best ideas and solutions come from multi-dimensional teams. That's because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don't be shy - apply today. #LI-SIM #LI-SIM About Rapid7 At Rapid7, our vision is to create a secure digital world for our customers, our industry, and our communities. We do this by harnessing our collective expertise and passion to challenge what's possible and drive extraordinary impact. We're building a dynamic and collaborative workplace where new ideas are welcome. Protecting 11,500+ customers against bad actors and threats means we're continuing to push the envelope just like we' ve been doing for the past 20 years. If you 're ready to solve some of the toughest challenges in cybersecurity, we're ready to help you take command of your career. Join us. Rapid7 is creating a more secure digital future for all by helping organizations strengthen their security programs in the face of accelerating digital transformation. Our portfolio of best-in-class solutions empowers security professionals to manage risk and eliminate threats across the entire threat landscape from apps to the cloud to traditional infrastructure to the dark web. We foster open source communities and cutting-edge research–using these insights to optimize our products and arm the global security community with the latest in attacker methodology. Trusted by more than 11,000 customers worldwide, our industry-leading solutions and services help businesses stay ahead of attackers, ahead of the competition, and future-ready for what's next.