- Knowledge of Metasploit Framework. You understand what it's for and how to use it, and you have opinions on how to develop module content that makes it better. Strong opinions loosely-held are some of our favorites.
- Experience writing standalone PoCs or Metasploit modules. Experience in penetration testing, red teaming, mobile security, or security research is a plus, as is familiarity with the tooling and techniques used to advance these disciplines.
- Experience with Ruby, Python, or Go is a major plus; while Ruby is not necessarily important as your primary language, it is important to be able to understand and extend the techniques that Metasploit embodies.
- Experience with common vulnerability classes such as buffer overflows, command injection, and insecure deserialization.
- Conversant in distributed and open-source project development. You can review, merge, and rebase with aplomb.
- Interest in vuln analysis, fuzzing, reverse engineering, and/or advanced exploitation techniques; familiarity with tools such as WinDBG, GDB, IDA Pro, Burp Suite, etc.
- Understanding of modern security mitigations and how to bypass them (e.g., stack cookies, SafeSEH, DEP, ASLR, CFG, and so on).
- Soft Skills (just as important as technical skills)
- Interest in hacking and hacker culture, genuine curiosity about how things work, and willingness to figure stuff out.
- Ability to learn and dig into code. Metasploit Framework is comprised of more than a million lines of code contributed by hundreds of developers. Not everything is spelled out, but everything is discoverable.
- Ability to learn and evaluate new technologies quickly. You're comfortable with and excited about experimentation and uncertainty. The R+D team encounters and analyzes lots of artifacts and oddities on a regular basis: CVEs, PoC, vulnerable applications, vendor patches, blogs, pastes, Twitter threads, stack traces, error messages, you name it. You'll bring and hone an instinct for when something belongs in Framework, how to best incorporate it (e.g., module, library, integration?), and what strikes a balance between "intuitive for users" and "maintainable for developers."
- Ability to work asynchronously and directly with a team of co-workers and volunteers from around the globe.
-
Senior Security Researcher
před 6 dny
Rapid7 Prague, Česká republika Na plný úvazekRapid7's vulnerability and exploit research team does industry-leading attack research that prioritizes and uncovers risk for organizations worldwide. We're looking for an experienced vulnerability researcher to contribute to overall research team goals, helping defenders get ahe ...
-
Security Analyst
před 3 dny
Rapid7 Prague, Česká republika Na plný úvazekWe are expanding our Global footprint into Prague and as we build out our Security Research team we are looking for Security Researchers. As a security analyst, you will significantly influence the company's trajectory by examining threats, comprehending their manifestation, work ...
-
Lead Software Engineer
před 1 dnem
Rapid7 Prague, Česká republika Na plný úvazekRapid7's Metasploit team is building the future of the world's best-known software exploitation framework, working with the open-source community to help organizations around the world test their defenses and expose cybersecurity risk. We're looking for a lead engineer to help us ...
-
Lead Software Engineer
před 5 dny
Rapid7 Prague, Česká republika Na plný úvazekAbout the Team · Our Product and Engineering team works with our award-winning products to help us create a single experience to help customers assess risk, detect threats · and automate their security programs at over 10,000 organizations. These teams use best-in-class technolog ...
-
Cyber Intelligence Analyst
před 3 dny
Rapid7 Prague, Česká republika Na plný úvazekCyber Intelligence Analyst · Rapid7 is looking for a Cyber Intelligence Analyst to join our "Threat Command" team and take our threat intelligence analysis capabilities to the next levels. · About the Role · As part of the Cyber Intelligence Analyst team, you will investigate tre ...
-
Senior Network Security Engineer
před 1 týdnem
Rapid7 Prague, Česká republika Na plný úvazekSenior Network Security Engineer | On-prem and Cloud · We are looking for a Network Security Engineer to join us on our mission to make the internet a safer place. You will be a problem solver who is able to turn little observations into major problem-solving events and you will ...
-
Senior Security Governance Analyst
před 1 týdnem
Rapid7 Prague, Česká republika Na plný úvazekSenior Security Governance Analyst · This role is for someone who is looking to positively impact Rapid7 with their information security knowledge by contributing to Security Trust & Governance operations. An information security, governance & compliance and/or information techno ...
-
Lead Product Manager
před 8 hodinami
Rapid7 Prague, Česká republika Na plný úvazekAre you a Product Professional who is passionate about making a measurable impact through delivering innovative solutions? Are you motivated to improve customer experiences to help them better manage their security posture? Do you want to join a global technology company with a s ...
-
Senior IT Systems Engineer
před 5 dny
Rapid7 Prague, Česká republika Na plný úvazekAs a Senior Systems Engineer, you will own, innovate, and deliver server and endpoint technologies to drive business productivity. We are looking for an engineer to join our savvy IT team, who understands that technology is meant to empower people. The work will be constantly cha ...
-
Senior Software Engineer
před 4 dny
MasterCard Prague, Česká republika Paid WorkOur Purpose · We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financi ...
-
Lead Software Engineer
před 3 dny
Rapid7 Prague, Česká republika Na plný úvazekLead Software Engineer - Python / Cloud Security · InsightCloudSec is Rapid7's leading Cloud Security solution, which offers customers a fully-integrated set of tools to secure their cloud platforms in a single solution. Our customers use the product to identify and remediate clo ...
-
Senior Backend Software Engineer
před 5 dny
Rapid7 Prague, Česká republika Na plný úvazekJob Overview: · As a Senior Software Engineer, you'll be driving and proposing strategies around complex and unique technical problems affecting the business needs, communicating standards and getting buy-in on solutions. By serving as an expert and owner in multiple areas of the ...
-
Lead Software Engineer
před 5 dny
Rapid7 Prague, Česká republika Na plný úvazekLead Software Engineer We are expanding our Global footprint into Prague and as we build out our Product & Engineering teams, we are looking for Software Engineers. As a Lead Software Engineer, you'll be driving and proposing strategies around complex and unique technical problem ...
-
Senior Golang Engineer
před 4 dny
MasterCard Prague, Česká republika Paid WorkOur Purpose · We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financi ...
-
Data Engineer Intern
před 1 týdnem
Rapid7 Prague, Česká republika Na plný úvazekRole Overview · Our placement interns are our future engineers. From day one, our interns are treated as valued members of their team. As part of our Placement Program, you'll have the opportunity to have intimate conversations with key business leaders, receive guidance and supp ...
-
Azure Infrastructure/DevOps Manager
před 5 dny
Reed Czech Republic Praha, Česká republika Na plný úvazekJoin the Prague-based section of the humanitarian organization, where they are committed to maintaining a transparent and ethical work environment. The Azure Infrastructure Manager ensures smooth operation of client systems and tools, with a focus on Azure cloud services. Respons ...
-
Manager, Software Engineering
před 1 týdnem
Rapid7 Prague, Česká republika Na plný úvazekWe are expanding our Global footprint into Prague and as we build out our Product & Engineering teams, we are looking for a Manager of Software Engineering. In this role you'll lead our DevOps team in Prague and deliver state-of-the-art cloud applications hosted in AWS. As a mana ...
-
Technology manager
před 2 dny
Eaton Corporation Prague, Česká republika Paid WorkEaton is looking for a Technology Manager – Energy systems to join our corporate research department. · Location: Eaton European Innovation Center in Prague, Czech Republic. · About the project: · This position will lead research and development in the field of Energy Systems and ...
-
Business Intelligence Analyst
před 5 dny
Rapid7 Prague, Česká republika Na plný úvazekBusiness Intelligence Analyst · Rapid7 is looking for a highly motivated business intelligence analyst to drive insight for key business stakeholders, across our internal functional areas. This role will be accountable for providing accurate, timely and high-impact data and BI pr ...
-
Lead Incident Response Consultant
před 1 týdnem
Rapid7 Prague, Česká republika Na plný úvazekDo you enjoy being in the fight, investigating unusual activity, tearing apart malware, and chasing attackers in realtime? Do you pride yourself on developing methods for identifying and analyzing breaches? Do you feel compelled to help organizations improve their abilities to ef ...
Security Researcher - Prague, Česká republika - Rapid7
Popis
The Metasploit R+D team is responsible for growing the module repository that makes Metasploit Framework the world's most popular exploitation framework, and for producing research on offensive techniques and trends that keep pushing the security ecosystem forward. This year, we released MSF 6.4 with new offensive capabilities. Now, we're thinking about the content and features offensive practitioners need in MSF 7—from new exploits and innovative payloads to more intuitive targeting and stealthier movement within modern environments.
Want to help us get there? We're hiring a security researcher to develop high-quality modules and produce research that continues to inspire contributions and interest from a growing community.
About the Team
Help Rapid7 and the Metasploit community work together toward a shared vision for the future of the Metasploit Framework and its ecosystem. You will work with a talented global team to develop and maintain new modules and capabilities for Framework, produce research on trends that pique interest from both offensive and defensive practitioners, and make substantial technical contributions as a key member of a cross-functional team. You will have the opportunity to diagnose and understand user needs directly. The community is your customer
About the Role
As a Metasploit researcher you'll need to balance module development and security research and understand how each enhances the other. A good mix of skills includes:
Ideally, you have a body of work you can point to that showcases your research and development interests. Have you published blogs or technical analysis of vulnerabilities, exploits, or techniques that interest you? Written purpose-built tools that made your life easier? Contributed to open-source projects? Show us what you're passionate about, where your curiosity lies, and how you've tried to pull things together to solve problems for yourself and others.
We know that the best ideas and solutions come from multi-dimensional teams. Teams reflecting a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don't be shy - apply today.
About Rapid7
Rapid7 is creating a more secure digital future for all by helping organizations strengthen their security programs in the face of accelerating digital transformation. Our portfolio of best-in-class solutions empowers security professionals to manage risk and eliminate threats across the entire threat landscape from apps to the cloud to traditional infrastructure to the dark web. We foster open source communities and cutting-edge research–using these insights to optimize our products and arm the global security community with the latest in attackers methods. Trusted by more than 10,000 customers worldwide, our industry-leading solutions and services help businesses stay ahead of attackers, ahead of the competition, and future-ready for what's next.
