Security Analyst, Penetration Testing

As a Penetration Testing Analyst, you will work on the Global Services team to help clients improve their security posture through your technical skills and knowledge of defense strategies. You will enjoy attacking networks and hacking custom protocols implemented in embedded devices. You will also work with various Managed Services teams to help deliver day-to-day tactical reports to customers, triage alerts, address customer needs, and assist with incident response handling and communication.
About the Role
As a Penetration Testing Analyst, your primary responsibility will be to perform technical testing against a variety of targets and to help deliver day-to-day tactical reports to our customers. You will have a front-row seat to observe and learn about the ever-evolving cyber threat landscape and gain valuable experience by helping customers remediate and mitigate prevalent threats.
Specifically, your focus will be to:

• Perform technical testing against a variety of targets, including network penetration testing (internal, external, and wireless), web application and API testing, and social engineering (on-premise and electronic).
• Consistently produce high-quality reports and peer-review colleagues' work for errors and inaccuracies.
• Help develop and create Executive Briefings.
• Deliver timely reports to clients and external stakeholders.
• Translate technical concepts and convey them to non-security personnel.
• Be capable of learning in a fast-paced environment and taking on solo engagements.
• Participate in industry conferences and professional organizations.

The skills and qualities you'll bring include:

• 3+ years in an active technical security role.
• Excellent written and verbal communication skills.
• Previous technical security consulting experience.
• Knowledge of modern penetration testing tools and methods.
• Strong knowledge of network, web-based application, and IEEE 802.11 security concepts.
• Knowledge of Windows/Linux/UNIX internals and the Internet protocol suite.
• Experience using interpreted languages (Ruby, Python, PHP, etc.) and knowledge of compiled languages (Java, C, C++, Assembly, etc.).
• Experience with social engineering techniques and tactics.
• A Bachelor's degree in Computer Science, MIS, CIS or a related field, or equivalent experience.
• Certifications such as GPEN, CPTS, or OSCP.
• The ability to ask for help.

We know that the best ideas and solutions come from multi-dimensional teams. That's because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don't be shy - apply today.
About Rapid7
At Rapid7, our vision is to create a secure digital world for our customers, our industry, and our communities. We do this by harnessing our collective expertise and passion to challenge what's possible and drive extraordinary impact. We're building a dynamic and collaborative workplace where new ideas are welcome.
Protecting 11,000+ customers against bad actors and threats means we're continuing to push the envelope - just like we've been doing for the past 20 years. If you're ready to solve some of the toughest challenges in cybersecurity, we're ready to help you take command of your career. Join us.
#LI-BD1 #LI-Remote
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or any other status protected by applicable national, federal, state or local law.