[Hiring] Penetration Tester, Vector Command, Social Engineering Specialist @Rapid7

Role Description

As a penetration tester on the Global Services team at Rapid7, you will help our clients improve their security posture through your technical skills and knowledge of both offensive and defense strategies.

• Deliver Rapid7’s Vector Command Continuous Red Teaming service
• Design social engineering campaigns which function at scale, supporting numerous customers each month
• Emulate modern adversary TTPs focusing on initial access
• Deploy, configure, and maintain social engineering infrastructure for phishing operations
• Perform manual and automated reconnaissance to identify targets for social engineering operations
• Leverage external network vulnerabilities in targeted real-world social engineering attacks
• Research and implement the latest techniques in social engineering
• Test methods to bypass social engineering defenses
• Design and execute vishing campaigns
• Incorporate payloads into phishing and vishing operations
• Evaluate impact upon successful credential breach or payload execution
• Collaborate closely with a team of Red Team operators
• Develop and maintain positive relationships with clients
• Create additional value for clients through continual insights and consultative advice

Qualifications

• 5+ years in an active technical security role
• Strong knowledge of advanced social engineering techniques and tactics
• Infrastructure management and deployment (domain records, web servers, terraform, ansible, phishing website creation)
• Modern penetration testing tools and methods
• Network, wireless and web application security concepts
• Experience using interpreted languages (Ruby, Python, PHP, etc.)
• Knowledge of common regulatory structures and obligations and common I.T. governance
• Bug Bounty experience, identifying novel vulnerabilities in arbitrary internet-facing attack surfaces
• Certifications such as OSCP, OSCE, GXPN, OSEE, CREST
• Experience with Red & Purple Teams
• Excellent communication skills with internal and external stakeholders
• Collaborative mindset, contributing to knowledge sharing and cross training
• Commitment to the "end-to-end" testing process

Core Value Embodiment

• Embody core values to foster a culture of excellence that drives meaningful impact and collective success
• Encourage multi-dimensional teams reflecting a variety of backgrounds and professional experiences