Associate Detection and Response (MDR) Analyst

Rapid7's Tactical Operations team is looking for an Associate Detection & Response Analyst to tackle time-critical security investigations and safeguard our global customers. This foundational role empowers you to hunt down malicious behavior, steer end-to-end incident analyses, and collaborate with a world-class team of analysts to stay ahead of the security curve. If you are a curious, driven problem-solver eager to launch your career in cybersecurity, this is your opportunity to make a collective impact from day one.
About the Team
The Tactical Operations team (TACOPS) handles the most time-critical tasks for all customers, executing the investigation and triage of high-priority security alerts using our cloud-hosted SIEM, InsightIDR. This collaborative team drives business and customer outcomes by combining individual technical skills with collective knowledge to identify threats and deliver robust remediation recommendations.
About the Role
As an Associate Detection & Response (MDR) Analyst, your primary responsibility will be to investigate and triage high-priority security alerts to identify malicious activity in customer environments. Specifically, your focus will be to:

• Review alert data to identify malicious activity and potential security threats across diverse customer environments
• Steer security investigations from initial alert through comprehensive evidence acquisition and root-cause analysis
• Write technical incident reports documenting key findings, analysis methodologies, and actionable remediation recommendations for customers
• Coordinate closely with SOC advisor colleagues to support effective communication of technical findings to the customer
• Partner with Mid, Senior, and Lead Analysts to collaboratively solve complex challenges and share knowledge across the SOC team
• Perform targeted investigation tasks and examine forensic artifacts during critical Remote Incident Response engagements
• Track threat actor actions across an environment by analyzing system and forensic logs during security incidents
• Maintain a flexible operational rhythm, working in the physical SOC two days per week (including Wednesdays) and adhering to the dedicated afternoon shift schedule

The skills and qualities you'll bring include:

• Adaptability to work a fixed shift rotation from Monday to Thursday, 11 AM - 9 PM, following a comprehensive 90-day onboarding period.
• Professional or academic experience spanning 0-2 years within technology, systems administration, or information security environments
• Foundational knowledge of core security concepts including lateral movement, privilege escalation, persistence methods, and command and control
• Working familiarity with Windows and Linux operating systems and their underlying security architectures
• Training in red team/blue team learning tools such as HackTheBox, TryHackMe, and LetsDefend and/or participation in CTF events is a plus
• Scripting/coding ability and/or Security Certifications (GFACT, GSEC, GCIA, GCIH, CySA+, CASP+, Security+, etc.) is a plus
• Creative problem-solving abilities, critical thinking capacity, and technical ingenuity when addressing complex challenges
• Insatiable curiosity and a strong forward focus, demonstrating a passionate commitment to learning and developing your cybersecurity craft
• Eagerness and open communication when navigating change, adapting smoothly to evolving business needs, shift structures, and group dynamics
• Capacity to make efficient, structured choices that resolve challenges and maintain analytical momentum during high-pressure incidents
• Clear accountability for actions and behaviors while driving outcomes that deliver genuine value for the business and our customers
• Core Value Embodiment: Embody our core values to foster a culture of excellence that drives meaningful impact and collective success

We know that the best ideas and solutions come from multi-dimensional teams. That's because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don't be shy - apply today.
#LI-SIM
About Rapid7
At Rapid7, our vision is to create a secure digital world for our customers, our industry, and our communities. We do this by harnessing our collective expertise and passion to challenge what's possible and drive extraordinary impact. We're building a dynamic and collaborative workplace where new ideas are welcome.
Protecting 11,500+ customers against bad actors and threats means we're continuing to push the envelope just like we' ve been doing for the past 20 years. If you 're ready to solve some of the toughest challenges in cybersecurity, we're ready to help you take command of your career. Join us.