Rapid7’s Metasploit team released Metasploit Framework 5.0 this past January, the first major version since 2011. We’re now looking to build the future of the world’s most influential open-source hacker toolkit, efficiently targeting modern environments, integrating seamlessly with a growing collection of third-party tools, and continuing to inspire contributions and interest from a growing community.
To help us get there, we’re looking for Metasploit software engineers to join our ranks. We’re also open to security researchers, operators, and other offensive practitioners with strong development experience. As a Metasploit engineer, you will work in concert with our community of open-source users and contributors on a team responsible for driving innovation across the core of the world’s most popular exploitation framework.
Opportunities working with Metasploit:
Help Rapid7 and the Metasploit community work together towards a shared vision for the future of Metasploit Framework and its ecosystem. You will work with a talented and diverse world-wide team to maintain and improve Metasploit Framework, developing new features, and pushing the offensive security ecosystem forward.
Get to know the ins-and-outs of Metasploit framework, the problems it solves, and how to improve it. You will have the opportunity to diagnose and understand user needs directly. The community is your customer!
Interest in hacking and hacker culture. You are curious about how things work and willing to figure it out.
Ability to learn and evaluate new technologies quickly. You’re comfortable with experimentation and uncertainty.
Willingness to learn and dig into code. Not everything is spelled out, but everything is discoverable.
Ability to work asynchronously and directly with co-workers and volunteers from around the globe.
Desirable Technical Skills:
Experience with Metasploit Framework. You understand what it’s for, how to use it, and have opinions on how to make it better. Ideally you’ve hacked a module or two.
Ruby and Ruby-on-rails. Ruby is not necessarily important as your primary language, but it helps to be able to understand and extend the techniques that Metasploit embodies. You’ll learn a lot on the job.
Conversant in distributed and open-source project development. You can review, merge, and rebase with aplomb.
Understanding of what makes a good API, understanding a few different languages and how their libraries work (Python, Ruby, Go), and understanding interprocess communication.
Understanding of how the Internet works, routing, and infrastructure. Interest in modern networking and deployment tooling, such as Kubernetes, AWS, Vagrant, and Docker are a plus.
Have you contributed to open source projects? Written purpose-built tools that made your life easier? Show us what you’re passionate about, where your curiosity lies, and how you’ve tried to pull things together to solve problems for yourself and others.
- Attractive Salary
- Competitive Pension employer contribution
- Company Shares plan
- Generous holiday allowance
- Flexible working and the option to work from home
- Health insurance for you and your family
- Life and disability insurance
- Budget for additional education/development
- Enhanced Maternity/Paternity pay schemes
- Healthy (and some unhealthy) snacks and drinks plus regular office breakfast and lunches
- Monthly outings/Summer party/Christmas party
- 50% off gym membership
We strive to promote a culture of overall wellness within our offices and offer
- qualified mental health first aiders on site
- access to online GP 24/7, 365 days a year
- free onsite mortgage advice to promote financial wellness
- sponsorship for sporting/charity events
Rapid7 transforms data into insight, empowering IT and security professionals to progress and protect their organizations. How? Our solutions are powered by advanced analytics and an unmatched understanding of the attacker mindset. This makes it easy to collect data, transform it into prioritized and actionable insight, and get it to the people who can act on it—all in an instant. Our products and services enable organizations to innovate securely and reliably, and include offerings in vulnerability management (Nexpose), penetration testing (Metasploit), application security (AppSpider), SIEM/incident detection and response (InsightIDR), and log management (Logentries). Learn more at Rapid7.com.