Rapid7: Security Consultant - Penetration Tester
Rapid7
120 Causeway Street
Boston, MA 02114

Employee Testimonials

Helen Ackers Rapid7
Aniket Menon Rapid7

Video

Rapid7 is a leading provider of security data and analytics solutions that enable organizations to implement an active, analytics-driven approach to cyber security. We combine our extensive experience in security data and analytics and deep insight into attacker behaviors and techniques to make sense of the wealth of data available to organizations about their IT environments and users. Our solutions empower organizations to prevent attacks by providing visibility into vulnerabilities and to rapidly detect compromises, respond to breaches, and correct the underlying causes of attacks. Rapid7 is trusted by more than 8,400 organizations across 120 countries, including 52% of the Fortune 1000. To learn more about Rapid7 or get involved in our threat research, visit www.rapid7.com.

Job Overview

Do you enjoy hacking custom protocols, implemented in embedded devices? Do you enjoy attacking networks? How do you feel about attacks against SAML? As a penetration tester on the Global Services team at Rapid7, you will help our clients improve their security posture through your technical skills and knowledge of defense strategies.

Our clients often present us with unique security challenges from a testing perspective. Likewise, we work with a wide variety of technology platforms and protocols. Beyond providing services to customers, you are encouraged to perform research and speak at security conferences.

But wait, we're not done yet. You will be working at Rapid7! We have some cool products and ideas and we're enthusiastic about them. Why wouldn't you want to be part of that? Send us your resume and let's talk.

Essential Responsibilities

You will be called on to perform technical testing against a variety of targets. These include:

  • IoT and Embedded Device Testing (cloud, mobile, API, physical, network, firmware, and RF)
  • Network Penetration Testing (wired and wireless)
  • Web Application Testing
  • Social Engineering (on-premise and electronic)

Beyond delivering these services, as a consultant you will:

  • Grow to support all security practice offerings in a pre and post-sales role
  • Meet professional practice standards and demonstrate exceptional skill in core service areas
  • Develop and maintain positive relationships with clients
  • Execute delivery work that exceeds expectations
  • Understand the client's business and needs
  • Participating in industry conferences and professional organizations
  • Creating additional value for clients through continual insights and consultative advice based on experience with the client, their industry, established standards and leading practices

Job Requirements:

  • 5+ years in an active technical security role
  • Strong knowledge of the following:
  • IoT and embedded device penetration testing
  • Radio Frequency Analysis
  • IoT penetration testing tools
  • Modern penetration testing tools and methods
  • Network security concepts
  • Web-based application security concepts
  • IEEE 802.11 security concepts
  • Windows/Linux/UNIX internals
  • Internet protocol suite
  • Experience using interpreted languages (Ruby, Python, PHP, etc.)
  • Knowledge of compiled languages (Java, C, C++, Assembly, etc.)
  • Social engineering techniques and tactics
  • Strong written and verbal skills
  • Be able to work and interact with clients of various backgrounds
  • Maintain positive client relationships and feedback
  • Be comfortable explaining findings and recommendations to technical and non-technical audiences
  • Knowledge of common regulatory structures and obligations
  • Knowledge of common I.T. governance guidance

Job Plusses:

  • Previous technical security consulting experience
  • Fundamental or advanced understanding of electronics
  • Fundamental or advanced understanding of radio communications and protocols
  • Master's degree or foreign equivalent in Engineering, Computer Science, MIS, CIS or related field
  • Certifications such as GPEN, GXPN, GMOB, GWAPT, OSCP, OSCE, OSWP
Full-time

Employee Testimonials

James Green
Director of Engineering, Engineering, Software Development

"My favorite memory of being a 'Moose' is our first ever company-wide hackathon in Cambridge. After a fun–filled week for the company kick-off, we still managed to deliver, through the night, on some amazing ideas."

Brett Garofalo
Manager, Mid-Market Sales

"I am not a natural–born salesperson or leader. Rapid7 gave me the mentorship opportunities and leeway to develop those skillsets. Having the support of my management allowed me to take risks and learn from mistakes instead of being tentative and afraid to put myself out there."

Helen Ackers Rapid7
Helen Ackers
Marketing Specialist

"Every time you feel a little more comfortable with your job and what is expected from you, there is always something new to learn and something to add to the repertoire! I love this, it means every week I can see myself developing in my career."

Aniket Menon Rapid7
Aniket Menon
Manager, Enterprise Deployments

"I love the infectious energy and fast–paced nature of the job. Unrelenting progress towards becoming the #1 company in Cyber Security. The sheer number of Products and Services we have launched in the last two years is a staggering achievement."

Dennis Nahas Rapid7
Dennis Nahas
Systems Administrator

"The most fulfilling moments are seeing our products name dropped in the security press, knowing we all contributed to that."

Ashley Seamans Rapid7
Ashley Seamans
Director of Business Intelligence

"There's never a dull moment and always a new challenge to tackle. I have had the opportunity to work with people across the company on product launches, acquisitions, our global sales expansion and lots of new programs, each with its own hurdles but all equally rewarding."

Chris Wallace Rapid7
Chris Wallace
People Strategy Manager

"It's pretty cool to look around the room and know that I played a part in making all of that happen, and that I hopefully helped those people move into a role that they find really rewarding and exciting. Especially in a company where they in turn can have a big impact and take their careers to the next level. The fact that they are all good people, and that we all manage to have a bit of fun in the process, helps too."

Stephanie Philips Rapid7
Stephanie Philips
Counsel and Director, Contracts, Legal

"I love the truly collaborative team effort from everyone across the board – people are always willing to join an effort or a conversation to make a difference and find a solution, and they don't feel bound by their job descriptions or departmental functions if they have expertise that will help out a fellow Moose."

Roy Hodgman Rapid7
Roy Hodgman
Data Scientist

"I feel that [our core value for] continuous learning best represents me because it's been essential to my career here. There are no shortage of tools and techniques that can be applied to the projects I work on, and despite what I think I might know about the problem at hand, more often than not there are new and novel ways to approach it."