Quick Summary
Security Consultant, Penetration Testing (Remote Eligible)
About Rapid7's Global Services Team
Rapid7's Global Services team empowers clients to enhance their security posture through advanced technical skills and deep knowledge of defense strategies. As a Penetration Tester, you will focus on attacking networks and hacking custom protocols implemented in embedded devices.
The Penetration Testing Team
Our Penetration Testing Consultants possess a wide range of expertise, ranging from years of experience in blue team environments to extensive offensive security experience in Red Team, IoT, and exploit development. We operate on a collaborative model, ensuring clients benefit from the collective knowledge of the entire team.
About the Role: Penetration Tester Responsibilities
Your primary responsibility will be performing various types of security engagements, including network, web application, phishing/vishing, Red Team, IoT, and Cloud assessments. Your technical skills and knowledge are crucial for helping clients improve their security posture.
Specifically, you will focus on:
- Consistently delivering high-quality network, web application, and wireless penetration testing services.
- Producing high-quality reports and conducting peer reviews of colleagues' work.
- Engaging in knowledge sharing and cross-training with a collaborative mindset.
- Delivering timely reports to clients and external stakeholders.
- Translating complex technical concepts and conveying them clearly to non-security personnel.
- Continuously learning and satisfying a ferocious curiosity about how systems work.
Required Skills and Qualifications
The skills and qualities necessary for success include:
- Excellent communication skills for interacting with both internal and external stakeholders.
- Previous technical consulting experience.
- Strong knowledge of cybersecurity standards and industry best practices.
- Strong knowledge of modern penetration testing tools and methods.
- Strong knowledge of network, web-based application, and IEEE 802.11 security concepts.
- Knowledge of Windows/Linux/UNIX internals and the Internet protocol suite.
- Experience using interpreted languages (e.g., Ruby, Python, PHP).
- Knowledge of compiled languages (e.g., Java, C, C++, Assembly).
- Experience with social engineering techniques and tactics.
- Offensive Security Certified Professional (OSCP) certification, or actively working toward achieving it.
- A customer-driven mindset focused on ensuring a fantastic customer experience.
- The ability to ask for help when needed.
About Rapid7
At Rapid7, our vision is to create a secure digital world for our customers, our industry, and our communities. We achieve this by harnessing our collective expertise and passion to challenge what’s possible and drive extraordinary impact. We are building a dynamic and collaborative workplace where new ideas are welcome.
Protecting over 11,000 customers against bad actors and threats means we continuously push the envelope, as we have done for the past 20 years. If you are ready to solve some of the toughest challenges in cybersecurity, we are ready to help you take command of your career. Join us.
Compensation Information (US)
The salary range for this role in the US is: $114,200.00 - $154,400.00 USD Annual. Salary ranges may vary based on geographical location. This range does not include variable/incentive compensation, equity, and benefits (where applicable/eligible).
A candidate’s salary is determined by various factors including, but not limited to, relevant work experience, skills, and certifications. We evaluate compensation decisions on a case-by-case basis, and it is not typical for an individual to be hired at the very top of the salary range.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or any other status protected by applicable national, federal, state or local law.


