Senior Security Analyst (Rapid 7)
About the position Virtual Technologies Group is seeking a Senior Security Analyst to act as a primary responder and technical specialist within a staff augmentation model. In this role, you will focus on the day-to-day monitoring, investigation, and refinement of a security stack centered on AWS/Azure, Rapid7, and Proofpoint. Your goal is to move beyond basic alert monitoring to provide deep-dive forensic analysis and proactive threat hunting, ensuring that our cloud infrastructure remains resilient against emerging threats. This role requires a sharp analytical mind to evaluate complex security events and the ability to mentor junior analysts in improving incident response workflows.
Responsibilities
- Act as a primary responder and technical specialist.
- Focus on day-to-day monitoring, investigation, and refinement of a security stack centered on AWS/Azure, Rapid7, and Proofpoint.
- Provide deep-dive forensic analysis and proactive threat hunting.
- Ensure cloud infrastructure remains resilient against emerging threats.
- Evaluate complex security events.
- Mentor junior analysts in improving incident response workflows.
Requirements
- 5+ years of experience in Security Operations or Analysis.
- At least 3 years focused on investigating Cloud Security alerts (AWS or Azure).
- Proficiency in auditing cloud environments (VPC/VNet, S3/Blob access logs) and reviewing Identity & Access Management (IAM) permissions for anomalies.
- 2+ years of hands-on experience utilizing a SIEM or XDR platform (e.g., Rapid7, Splunk, or Sentinel) for event correlation and alert investigation.
- Experience interpreting vulnerability scan results, assessing their real-world exploitability, and tracking remediation progress with technical teams.
- Proven experience leading the "detect and analyze" phases of the IR lifecycle, including containment and detailed post-mortem documentation.
- Experience performing internal audits or control testing related to frameworks such as SOX or PCI-DSS.
- Ability to distill complex forensic findings into clear, concise reports for stakeholders and provide guidance to junior-level analysts.
Nice-to-haves
- Direct experience analyzing phishing and malware trends using Proofpoint (specifically TAP, TRAP, and IMD).
- Experience helping engineers refine detection logic and reducing false positives within Rapid7 InsightIDR.
- Ability to use Python or PowerShell to query logs, parse data sets, or automate common investigative steps.
- Familiarity with Microsoft Defender for Cloud and using Microsoft Purview for investigating data leakage or sensitive data exposure.
- Industry-recognized certifications such as GCIH, GCIA, CySA+, or Microsoft SC-200.
- Experience developing hypotheses for proactive threat hunts based on current IOCs and MITRE ATT&CK techniques.
- Previous experience working in a dedicated analyst capacity within a managed services or staff augmentation environment.
Benefits
- Medical insurance plans
- Dental insurance
- Vision insurance
- Health savings accounts (HSA)
- Flexible spending accounts (FSA)
- Life insurance
- Short and long-term disability insurance
- Paid time off and holidays
- 401(k) with employer match
Apply tot his job Apply To this Job