Lead Software Engineer, Offensive Security
Rapid7’s offensive security team announced Metasploit Framework 6.0 availability this past August and released the Attacker Knowledge Base (AttackerKB) two months later. We’re looking to build the future of the world’s most influential open-source hacker toolkit (Metasploit!), as well as the community and shared-knowledge around current (and past!) vulnerabilities (AttackerKB!), all while continuing to inspire contributions and interest from a growing community.
To help us get there, we’re looking for a lead software engineer to join our ranks. As an engineer on the offensive security team, you will have the opportunity to work on AttackerKB, our open-data project, helping take it to the next level with new features/interactions/integrations to increase value for (and contributions from) our community users and customers. You’ll also have the opportunity to work on Metasploit development (including open-source Metasploit Framework and also Metasploit Pro, our commercial product), in concert with our Metasploit security research team and community of open-source users and contributors, on a team responsible for driving innovation across the core of the world’s most popular exploitation framework.
_________________________________________________
Opportunities working with AttackerKB, Metasploit, and more!
Help Rapid7 and the community work together towards improving the “security landscape” we find ourselves a part of.
With AttackerKB, you’ll have an opportunity as part of the development team to help define+drive+implement improvements aimed at increasing our user base and community-provided content+value, helping realize the full potential of shared security knowledge.
With Metasploit Framework, you’ll have an opportunity to work with a talented and diverse world-wide team to maintain and improve Framework, developing new features, and pushing the offensive security ecosystem forward. You will get to know the ins-and-outs of Metasploit Framework, the problems it solves, and how to improve it. You will have the opportunity to diagnose and understand user needs directly. The community is your customer!
We also have new projects directly on the horizon that you’ll have an opportunity to be a part of, as well!
You’ll contribute as a leader in a cross-functional team, ensuring commitments are met, and taking responsibility for the success of the team. You will develop and guide more junior developers, helping the team work toward goals on a day-to-day basis, showing continual progress and improvement.
Desirable Soft Skills
Interest in security, hacking, and hacker culture. You are curious about how things work and willing to figure it out.
Ability to learn and evaluate new technologies quickly. You’re comfortable with experimentation and uncertainty.
Willingness to learn and dig into code. Not everything is spelled out, but everything is discoverable.
Ability to work asynchronously and directly with a team of co-workers and volunteers from around the globe.
Ready to lead a team and hold them accountable for results.
Desirable Technical Skills
Experience with Metasploit Framework is a plus. You understand what it’s for, how to use it, and have opinions on how to make it better. Ideally you’ve hacked a module or two.
Ruby and Ruby-on-rails. Ruby is not necessarily important as your primary language, but it helps to be able to understand and extend the techniques that Metasploit embodies. You’ll learn a lot on the job.
Go/Golang. Go is not necessarily important as your primary language, but it helps to be able to understand and improve the code of AttackerKB and other projects.
Conversant in distributed and open-source project development. You can review, merge, and rebase with aplomb.
Understanding of what makes a good API, understanding a few different languages and how their libraries work (Python, Ruby, Go), and understanding interprocess communication.
Understanding of how the Internet works, routing, and infrastructure. Interest in modern networking and deployment tooling, such as Virtual Machines, Docker, AWS, Terraform, and Vagrant are a plus.
Have you contributed to open source projects? Written purpose-built tools that made your life easier? Show us what you’re passionate about, where your curiosity lies, and how you’ve tried to pull things together to solve problems for yourself and others.