Rapid7 is hiring a Security Analyst, Penetration Testing

Responsibilities

• Conduct penetration testing to identify and exploit vulnerabilities in systems.
• Develop and maintain penetration testing tools and techniques.
• Document and report findings to stakeholders in a clear and concise manner.
• Collaborate with cross-functional teams to address identified security issues.
• Provide recommendations for remediation and improvement of security measures.
• Stay current with the latest security trends, tools, and best practices.
• Participate in security assessments and audits.
• Assist in the development and implementation of security policies and procedures.
• Conduct security training and awareness programs for employees.
• Perform vulnerability assessments and risk analyses.
• Develop and execute security testing plans.
• Analyze and interpret security data to identify trends and patterns.
• Provide technical support for security-related incidents and issues.
• Contribute to the development of security documentation and guidelines.
• Evaluate the effectiveness of security controls and measures.
• Participate in incident response activities.
• Conduct security code reviews and assessments.
• Assist in the development of security training materials.
• Perform security assessments of third-party vendors and partners.
• Conduct social engineering assessments to test human vulnerabilities.
• Develop and maintain security dashboards and reporting tools.
• Provide input on security-related procurement decisions.
• Assist in the development of security awareness campaigns.
• Conduct regular security audits and compliance checks.

Nice to Have

• Master's degree in a related field.
• Certified Information Systems Security Professional (CISSP) certification.
• Experience with security operations center (SOC) environments.
• Knowledge of threat modeling and risk assessment techniques.
• Experience with security architecture and design.
• Familiarity with security data analytics and visualization tools.
• Experience with security policy and procedure development.
• Knowledge of security governance and risk management frameworks.
• Experience with security awareness and training program development.
• Familiarity with security incident and event management (SIEM) systems.

Compensation

Competitive salary and benefits package.

Work Arrangement

Remote work with flexible hours.

Team

Collaborative team environment with opportunities for professional growth.

What You'll Do

• Conduct penetration testing to identify and exploit vulnerabilities in systems.
• Develop and maintain penetration testing tools and techniques.
• Document and report findings to stakeholders in a clear and concise manner.
• Collaborate with cross-functional teams to address identified security issues.
• Provide recommendations for remediation and improvement of security measures.
• Stay current with the latest security trends, tools, and best practices.
• Participate in security assessments and audits.
• Assist in the development and implementation of security policies and procedures.
• Conduct security training and awareness programs for employees.
• Perform vulnerability assessments and risk analyses.

What You'll Need

• Bachelor's degree in Computer Science, Information Technology, or a related field.
• Proven experience in penetration testing and vulnerability assessment.
• Certified Ethical Hacker (CEH) or equivalent certification.
• Experience with penetration testing tools such as Metasploit, Nmap, and Wireshark.
• Strong knowledge of network protocols and security concepts.
• Experience with scripting and programming languages such as Python, Bash, or PowerShell.
• Familiarity with security frameworks and standards such as NIST, ISO 27001, and PCI-DSS.
• Experience with cloud security and virtualization technologies.
• Strong analytical and problem-solving skills.
• Excellent communication and documentation skills.
• Ability to work independently and in a team environment.
• Experience with incident response and forensic analysis.
• Knowledge of secure coding practices and application security.
• Experience with security information and event management (SIEM) systems.
• Familiarity with threat intelligence and threat hunting techniques.
• Experience with mobile and web application security.
• Knowledge of identity and access management (IAM) systems.
• Experience with security automation and orchestration tools.
• Familiarity with penetration testing methodologies and frameworks.
• Experience with red team and blue team exercises.
• Knowledge of security compliance and regulatory requirements.
• Experience with security awareness and training programs.
• Familiarity with security incident and event management (SIEM) systems.

What You'll Get

• Competitive salary and benefits package.
• Remote work with flexible hours.
• Collaborative team environment with opportunities for professional growth.
• No visa sponsorship available.

No visa sponsorship available.