
Incident Handler

Job Overview

Location

US - VA - Remote

Job Type

Full-time

Category

DevOps

Date Posted

May 27, 2026

Full Job Description

📋 Description

  • Conduct investigations into malicious activity across workstations, servers, and cloud environments, ranging from commodity malware to sophisticated threat actor campaigns.
  • Serve as an escalation point for complex and advanced security incidents, providing analysis and support to Rapid7’s Incident Response team during engagements.
  • Perform forensic analysis to determine root cause, including examination of Windows, Linux, and macOS forensic artifacts, with preference for Windows expertise.
  • Prepare detailed Incident Reports for each investigation, aligned with the MITRE ATT&CK Framework and incorporating forensic, malware, and root-cause analysis.
  • Triangulate and analyze alerts using Rapid7’s InsightIDR SIEM platform to identify potential compromises in customer environments.
  • Collaborate with Cybersecurity Advisors to communicate investigation findings, respond to client Requests For Information, and deliver remediation recommendations.
  • Directly engage with customers as needed to clarify findings, gather additional context, or advance complex investigations.
  • Share threat intelligence with other analysts regarding emerging tactics, techniques, and procedures (TTPs) used by adversaries.
  • Provide continuous feedback to Rapid7’s Threat Intelligence and Detection Engineering teams to improve detection capabilities and reduce false positives.
  • Participate in cross-functional projects aimed at enhancing customer outcomes and optimizing the MDR service delivery model.
  • Support incident response engagements by assisting with scoping, timeline reconstruction, identification of Indicators of Attack/Compromise (IOA/IOC), and updating documentation.
  • Own end-to-end investigations requiring delegation, customer communication, documentation, and coordination across multiple internal teams.
  • Apply understanding of adversary behaviors including lateral movement, privilege escalation, defense evasion, persistence, command and control, and data exfiltration.
  • Perform basic static and dynamic malware analysis to support investigation objectives.
  • Maintain a customer-first mindset, prioritizing client needs and concerns in all investigative decisions.
  • Demonstrate strong written and verbal communication skills to bridge communication between MDR SOC analysts, Incident Responders, and customers.
  • Continuously pursue learning and growth in cybersecurity as threat landscapes and technologies evolve.
  • Utilize Rapid7’s proprietary software tools to triage, investigate, and escalate security events within customer environments.

🎯 Requirements

  • 3-4 years of experience in a cybersecurity-related position, with SOC and/or SIEM analysis experience preferred
  • Understanding of core operating system concepts in Windows, macOS/Darwin, and Linux, including common internal tools and directory structures
  • Proficiency in analyzing forensic artifacts to determine root cause in investigations
  • Fundamental understanding of adversary tactics such as lateral movement, privilege escalation, defense evasion, persistence, command and control, and exfiltration
  • Effective verbal and written communication skills to collaborate across teams and communicate with customers
  • Some experience with static and dynamic malware analysis

🏖️ Benefits

  • Opportunity to work with Rapid7’s award-winning SIEM platform, InsightIDR
  • Collaborative environment focused on innovation and impact within a 24/7/365 MDR SOC
  • Exposure to diverse and evolving threat landscapes across 11,500+ global customers
  • Career growth opportunities within a dynamic cybersecurity organization
  • Remote work flexibility within the United States
  • Inclusion in a team that values diverse backgrounds and professional experiences

Skills & Technologies

AWS
Azure
GCP
Linux
Remote


About Moose Labs LLC

Moose Labs LLC designs and sells personal filtration products, most notably the MouthPeace and MouthPeace Mini silicone mouthpiece adapters that fit water pipes, vapes and joints. Founded in 2014, the California-based company uses activated carbon filters to reduce tar, resins and contaminants. Its line also includes smell-proof storage cases, cleaning solutions and branded accessories. Products are sold online and through smoke shops worldwide, targeting recreational cannabis consumers seeking cleaner intake. The firm emphasizes medical-grade materials and third-party lab testing while maintaining a playful, outdoor-oriented brand identity anchored by the Moose mascot and eco-friendly packaging initiatives.
