Quick Summary
As a Penetration Testing Analyst, you will join the Global Services team, leveraging your technical skills and defense strategy knowledge to enhance client security posture. This role involves actively attacking networks and exploiting custom protocols in embedded devices. You will also collaborate with various Managed Services teams, providing daily tactical reports to customers, triaging alerts, addressing customer needs, and supporting incident response and communication.
About the Role
Your primary responsibility as a Penetration Testing Analyst will be to conduct technical testing across diverse targets and deliver daily tactical reports to our customers. You will gain firsthand experience with the evolving cyber threat landscape, helping clients remediate and mitigate prevalent threats.
Specifically, your focus will include:
- Performing technical testing against various targets, including network penetration testing (internal, external, wireless), web application and API testing, and social engineering (on-premise and electronic).
- Consistently producing high-quality reports and conducting peer reviews for accuracy.
- Assisting in the development and creation of Executive Briefings.
- Delivering timely reports to clients and external stakeholders.
- Translating complex technical concepts for non-security personnel.
- Learning rapidly in a fast-paced environment and managing solo engagements.
- Participating in industry conferences and professional organizations.
The skills and qualities you’ll bring include:
- 3+ years in an active technical security role.
- Excellent written and verbal communication skills.
- Previous technical security consulting experience.
- Knowledge of modern penetration testing tools and methodologies.
- Strong understanding of network, web-based application, and IEEE 802.11 security concepts.
- Proficiency with Windows/Linux/UNIX internals and the Internet protocol suite.
- Experience with interpreted languages (Ruby, Python, PHP, etc.) and knowledge of compiled languages (Java, C, C++, Assembly, etc.).
- Experience with social engineering techniques and tactics.
- A Bachelor’s degree in Computer Science, MIS, CIS, or a related field, or equivalent experience.
- Certifications such as GPEN, CPTS, or OSCP.
- The ability to ask for help.
We believe that diverse teams foster the best ideas and solutions, reflecting a variety of backgrounds and professional experiences. If this role excites you and you feel your experience can make an impact, we encourage you to apply today.
#LI-BD1 #LI-Remote
About Rapid7
At Rapid7, our vision is to create a secure digital world for our customers, industry, and communities. We achieve this by harnessing our collective expertise and passion to challenge possibilities and drive extraordinary impact. We cultivate a dynamic and collaborative workplace that welcomes new ideas.
Protecting over 11,000 customers from bad actors and threats means we continuously innovate, as we have for the past 20 years. If you are ready to tackle some of the toughest challenges in cybersecurity, we are here to help you advance your career. Join us.
Rapid7, Inc. is committed to fair and equitable compensation practices. Candidate salaries are determined by various factors, including relevant work experience, skills, and certifications. Compensation decisions are evaluated on a case-by-case basis, and it is not typical for an individual to be hired at the very top of the salary range.
The salary range for this role in the US is:
$89,300.00 - 120,800.00 USD Annual
Salary ranges may vary based on geographical location. This range does not include variable/incentive compensation, equity, and benefits (where applicable/eligible).
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status, or any other status protected by applicable national, federal, state, or local law.