- Work with the broader security research team to support day-to-day research operations, including coordinated vulnerability disclosures and rapid responses to major security incidents (note: there is no on-call requirement for this role)
- Perform and publish root cause analyses of high-priority vulns and potential threats that highlight Rapid7's attacker-focused approach to vulnerability intelligence
- Develop and publish new exploits and attack techniques, working alongside the Metasploit team to incorporate them into Metasploit Framework as needed. We believe strongly that defenders benefit from having democratic access to offensive security capabilities in order to understand attacks and test their controls
- Conduct zero-day research on popular enterprise technologies (e.g., network appliances, security gateways, CI/CD servers, file transfer and backup software, core operating systems, virtualization technologies, etc)
- Advise our security and threat detection engineers as they develop vulnerability checks, fingerprints, and detections; contextualize risk and explain attack patterns to cross-team technical stakeholders.
- Hands-on experience with common vulnerability classes and exploitation techniques (e.g., command injection, deserialization). We don't expect you to know everything, but you should be comfortable digging in to both learn and apply new or unfamiliar techniques when needed.
- Experience producing vulnerability root cause analyses (or other technical writing on vulns and exploits).
- Hands-on experience reverse engineering, patch diffing, and developing exploits; prior experience developing Metasploit modules is a plus.
- Familiarity with common security research tooling (e.g., IDA, Ghidra, Binary Ninja, Burpsuite, etc)
- An instinct for where and how to obtain or emulate vulnerable software. We can't perform hands-on analysis without targets—sometimes we have lab targets, sometimes there are AMIs available, and sometimes we have to get creative.
- Deep empathy for the challenges that security teams and global organizations face in today's threat climate; willingness to listen, mentor, and collaborate across teams.
-
Security Researcher
před 2 dny
Rapid7 Prague, Česká republika Na plný úvazekThe Metasploit R+D team is responsible for growing the module repository that makes Metasploit Framework the world's most popular exploitation framework, and for producing research on offensive techniques and trends that keep pushing the security ecosystem forward. This year, we ...
-
Security Analyst
před 3 dny
Rapid7 Prague, Česká republika Na plný úvazekWe are expanding our Global footprint into Prague and as we build out our Security Research team we are looking for Security Researchers. As a security analyst, you will significantly influence the company's trajectory by examining threats, comprehending their manifestation, work ...
-
Lead Software Engineer
před 1 dnem
Rapid7 Prague, Česká republika Na plný úvazekRapid7's Metasploit team is building the future of the world's best-known software exploitation framework, working with the open-source community to help organizations around the world test their defenses and expose cybersecurity risk. We're looking for a lead engineer to help us ...
-
Lead Software Engineer
před 6 dny
Rapid7 Prague, Česká republika Na plný úvazekAbout the Team · Our Product and Engineering team works with our award-winning products to help us create a single experience to help customers assess risk, detect threats · and automate their security programs at over 10,000 organizations. These teams use best-in-class technolog ...
-
Cyber Intelligence Analyst
před 3 dny
Rapid7 Prague, Česká republika Na plný úvazekCyber Intelligence Analyst · Rapid7 is looking for a Cyber Intelligence Analyst to join our "Threat Command" team and take our threat intelligence analysis capabilities to the next levels. · About the Role · As part of the Cyber Intelligence Analyst team, you will investigate tre ...
-
Senior Network Security Engineer
před 1 týdnem
Rapid7 Prague, Česká republika Na plný úvazekSenior Network Security Engineer | On-prem and Cloud · We are looking for a Network Security Engineer to join us on our mission to make the internet a safer place. You will be a problem solver who is able to turn little observations into major problem-solving events and you will ...
-
Senior Security Governance Analyst
před 1 týdnem
Rapid7 Prague, Česká republika Na plný úvazekSenior Security Governance Analyst · This role is for someone who is looking to positively impact Rapid7 with their information security knowledge by contributing to Security Trust & Governance operations. An information security, governance & compliance and/or information techno ...
-
Senior IT Systems Engineer
před 5 dny
Rapid7 Prague, Česká republika Na plný úvazekAs a Senior Systems Engineer, you will own, innovate, and deliver server and endpoint technologies to drive business productivity. We are looking for an engineer to join our savvy IT team, who understands that technology is meant to empower people. The work will be constantly cha ...
-
Lead Product Manager
před 17 hodinami
Rapid7 Prague, Česká republika Na plný úvazekAre you a Product Professional who is passionate about making a measurable impact through delivering innovative solutions? Are you motivated to improve customer experiences to help them better manage their security posture? Do you want to join a global technology company with a s ...
-
Senior Software Engineer
před 4 dny
MasterCard Prague, Česká republika Paid WorkOur Purpose · We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financi ...
-
Senior Backend Software Engineer
před 6 dny
Rapid7 Prague, Česká republika Na plný úvazekJob Overview: · As a Senior Software Engineer, you'll be driving and proposing strategies around complex and unique technical problems affecting the business needs, communicating standards and getting buy-in on solutions. By serving as an expert and owner in multiple areas of the ...
-
Lead Software Engineer
před 3 dny
Rapid7 Prague, Česká republika Na plný úvazekLead Software Engineer - Python / Cloud Security · InsightCloudSec is Rapid7's leading Cloud Security solution, which offers customers a fully-integrated set of tools to secure their cloud platforms in a single solution. Our customers use the product to identify and remediate clo ...
-
Lead Software Engineer
před 6 dny
Rapid7 Prague, Česká republika Na plný úvazekLead Software Engineer We are expanding our Global footprint into Prague and as we build out our Product & Engineering teams, we are looking for Software Engineers. As a Lead Software Engineer, you'll be driving and proposing strategies around complex and unique technical problem ...
-
Senior Golang Engineer
před 4 dny
MasterCard Prague, Česká republika Paid WorkOur Purpose · We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financi ...
-
Data Engineer Intern
před 1 týdnem
Rapid7 Prague, Česká republika Na plný úvazekRole Overview · Our placement interns are our future engineers. From day one, our interns are treated as valued members of their team. As part of our Placement Program, you'll have the opportunity to have intimate conversations with key business leaders, receive guidance and supp ...
-
Azure Infrastructure/DevOps Manager
před 6 dny
Reed Czech Republic Praha, Česká republika Na plný úvazekJoin the Prague-based section of the humanitarian organization, where they are committed to maintaining a transparent and ethical work environment. The Azure Infrastructure Manager ensures smooth operation of client systems and tools, with a focus on Azure cloud services. Respons ...
-
Manager, Software Engineering
před 1 týdnem
Rapid7 Prague, Česká republika Na plný úvazekWe are expanding our Global footprint into Prague and as we build out our Product & Engineering teams, we are looking for a Manager of Software Engineering. In this role you'll lead our DevOps team in Prague and deliver state-of-the-art cloud applications hosted in AWS. As a mana ...
-
Technology manager
před 2 dny
Eaton Corporation Prague, Česká republika Paid WorkEaton is looking for a Technology Manager – Energy systems to join our corporate research department. · Location: Eaton European Innovation Center in Prague, Czech Republic. · About the project: · This position will lead research and development in the field of Energy Systems and ...
-
Business Intelligence Analyst
před 5 dny
Rapid7 Prague, Česká republika Na plný úvazekBusiness Intelligence Analyst · Rapid7 is looking for a highly motivated business intelligence analyst to drive insight for key business stakeholders, across our internal functional areas. This role will be accountable for providing accurate, timely and high-impact data and BI pr ...
-
Lead Incident Response Consultant
před 1 týdnem
Rapid7 Prague, Česká republika Na plný úvazekDo you enjoy being in the fight, investigating unusual activity, tearing apart malware, and chasing attackers in realtime? Do you pride yourself on developing methods for identifying and analyzing breaches? Do you feel compelled to help organizations improve their abilities to ef ...
Senior Security Researcher - Prague, Česká republika - Rapid7
Popis
Rapid7's vulnerability and exploit research team does industry-leading attack research that prioritizes and uncovers risk for organizations worldwide. We're looking for an experienced vulnerability researcher to contribute to overall research team goals, helping defenders get ahead of the curve on emergent threats and keeping Rapid7 top of mind for industry audiences. You'll work with a skilled group of technical and cross-team leaders who are highly collaborative and deeply embedded in the security community.
About the Team
Rapid7 vuln researchers find and disclose zero-day vulnerabilities, write in-depth analyses of n-day bugs, develop Metasploit modules, identify patterns in emerging and established attack surface area, and help internal stakeholders, customers, and the public understand what's hot, what's not, and why. We also drive company-wide emergent threat responses to widespread attacks that pose risk to customers, but we aren't satisfied with a merely reactive approach to security research — we seek to identify and contextualize the vulnerabilities and attack vectors that will turn into tomorrow's widespread threats.
About the Role
In this role, you will:
The skills you'll bring include:
We know that the best ideas and solutions come from multi-dimensional teams. Teams reflecting a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don't be shy - apply today.