Job description

Penetration Tester, Consultant (Remote US)

Do you enjoy attacking networks? Do you enjoy hacking custom protocols implemented in embedded devices? As a penetration tester on the Global Services team at Rapid7, you will help our clients improve their security posture through your technical skills and knowledge of defense strategies.

About the Team

Here at Rapid7, our penetration testing consultants have come to us with various skills, ranging from multiple years within a blue team environment, helping to protect the company infrastructure, giving yearly security training sessions, and more. We also have individuals with numerous years within the offensive security field, with vast amounts of experience in Red Team, IoT, exploitation development, and more. At Rapid7, you're not alone in testing, which is something even our clients know. You're not just getting one pentester, you're getting them all.

About the Role

Within Rapid7, every employee will learn about our Core Values. These values are important at every level. This is at the forefront of an excellent consultant. Bring your awesome communication skills, timely delivery of reports, consume knowledge and experience from others, and contribute back to the community and Rapid7 as a whole. Our pentest consultants will test against various types of engagements, including network, web app, phishing/vishing, Red Team, IoT, Cloud, etc..

In this role, you will need:

Excellent communication skills both with internal and external stakeholders
Collaborative mindset, contributing to knowledge sharing and cross training
Technical competencies, including previous technical consulting experience
High quality report writing and peer reviewing
Knowledge of Cybersecurity standards and industry best practices
Check your ego at the door

The skills you’ll bring include:

At a minimum, being able to deliver:
- Network Penetration Testing (Internal, External, and Wireless)
- Web Application Penetration Testing
Strong knowledge of the following:
- Modern penetration testing tools and methods
- Network security concepts
- Web-based application security concepts
- IEEE 802.11 security concepts
- Windows/Linux/UNIX internals
- Internet protocol suite
- Experience using interpreted languages (Ruby, Python, PHP, etc.)
- Knowledge of compiled languages (Java, C, C++, Assembly, etc.)
- Social engineering techniques and tactics
Offensive Security Certified Professional (OSCP), or working towards it.
A ferocious curiosity to figuring out how things work, and a strong willingness to continually learn.
A customer driven mindset, focused on ensuring a fantastic customer experience, and ability to translate technical concepts and convey them to non-security personnel
Ability to ask for help!

We know that the best ideas and solutions come from multi-dimensional teams. That’s because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don’t be shy - apply today.

About Rapid7
At Rapid7, our vision is to create a secure digital world for our customers, our industry, and our communities. We do this by harnessing our collective expertise and passion to challenge what’s possible and drive extraordinary impact. We’re building a dynamic and collaborative workplace where new ideas are welcome.

Protecting 11,000+ customers against bad actors and threats means we’re continuing to push the envelope - just like we’ve been doing for the past 20 years. If you’re ready to solve some of the toughest challenges in cybersecurity, we’re ready to help you take command of your career. Join us.

#LI-AA2

#LI-Remote

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or any other status protected by applicable national, federal, state or local law.

Required profile