Knowledge of Metasploit Framework. You understand what it's for and how to use it, and you have opinions on how to develop module content that makes it better. Strong opinions loosely-held are some of our favorites.
Experience writing standalone PoCs or Metasploit modules. Experience in penetration testing, red teaming, mobile security, or security research is a plus, as is familiarity with the tooling and techniques used to advance these disciplines.
Experience with Ruby, Python, or Go is a major plus; while Ruby is not necessarily important as your primary language, it is important to be able to understand and extend the techniques that Metasploit embodies.
Conversant in distributed and open-source project development. You can review, merge, and rebase with aplomb.
Interest in vuln analysis, fuzzing, reverse engineering, and/or advanced exploitation techniques; familiarity with tools such as WinDBG, OllyDBG, GDB, IDA Pro, Burp Suite, etc.
Understanding of modern security mitigations and how to bypass them (e.g., stack cookies, SafeSEH, DEP, ASLR, CFG, and so on)