Rapid7 is one of the fastest growing software companies in the U.S., growing by over 2,000% in the past five years. We’re not only looking for the best and the brightest, but also the most innovative and passionate people to join our team.
Rapid7 is the leading provider of unified vulnerability management and penetration testing solutions. Rapid7’s Nexpose and Metasploit products help organizations to improve their security posture by providing actionable insights into the real threats from vulnerabilities across their entire IT infrastructure. With more than 1,700 enterprises and government agencies, Rapid7 delivers actionable intelligence about an organization's entire IT environment. Rapid7 offers the only integrated threat management solution that enables organizations to implement and maintain best practices and optimize their network security, web application security, database security, and penetration testing strategies.
Rapid7 has been recognized with numerous industry accolades including Boston Globe’s Best Places to Work, Red Herring 100 Award, Inc. 500, Deloitte's Fast 500, Info Security Products Guide Tomorrow’s Technology Today Award, Network Products Guide Best Products and Services Award, Info Security Products Guide Global Product Excellence Customer Trust Award, and an SC Magazine Award Winner.
Reporting directly to the Manager, Deployment and Training Services, the Rapid7 the Security Consultant is a key member of the Professional Services team who should possess a passion for customer success, security technology and innovation.
The Security Consultant will deliver deployment and training services to Rapid7’s customer-base. Services revolve around Rapid7’s flagship product Nexpose, as well as Metasploit, ControlsInsight, UserInsight and Mobilisafe.
* Deploy all Rapid7 products and technologies
* Perform high-quality product enablement training for new and existing customers
* Construct creative, solution-based approaches to architecture, implementation and go-live
* Communicate solution architecture and implementation details to customer end users
* Advise on security best practices as they relate to Rapid7 technologies
* Customize solutions - API scripting, SQL, application development - where necessary
* Actively participate within Rapid7 Community and Security Industry as advocate and advisor
Education/Experience:
* Associate’s degree in a relevant discipline (Computer Information Systems, Information System Technologies, Management Information Systems) or equivalent experience
* 5+ years IT security and/or IT audit experience including administration or analysis of network and system security related technologies, performing periodic network security reviews and assessments, reviewing information security policies and procedures, etc.
* 2+ years consulting experience including interfacing and servicing clients, managing and budgeting time and expenses, working in project-oriented environments with deadlines and milestones, making presentations to management, etc
* Prior software implementation and services experience, a plus
Technical Skills:
* Proficient in Microsoft Windows and Linux operating systems
* Working knowledge of security assessment and testing applications tools such as Nexpose, Nessus, CORE, Languard, Retina, SAINT, etc.
* Foundational knowledge of scripting languages (i.e. Perl, Python, Ruby, JavaScript) and the ability to learn Ruby, a plus
* Basic knowledge of T-SQL, a plus
* Basic knowledge of networking concepts (TCP/IP, routing, LAN/WAN, wireless, etc.)
* Basic knowledge of network security technologies such as firewalls, IDS/IPS, SIEM, content filtering, VPN, DLP, anti-malware, etc.
Security Skills:
* Previous experience with vulnerability management desired
* Basic knowledge of best practices relating to secure network architecture, design, and configuration
* Basic knowledge of security relating to common networked applications (email, web, etc.) and platforms (Windows, Unix, etc.)
* Basic knowledge of best practices standards relating to security administration and generally accepted information security principles and practices
* Fundamental knowledge of industry regulations and requirements such as the Gramm-Leach-Bliley Act (GLBA), Health Insurance Portability and Accountability Act (HIPAA), and the Payment Card Industry (PCI) Data Security Standard (DSS)
Soft Skills:
* Must have the ability to work with and interact with clients of various backgrounds and maintain positive client relationships
* Must be comfortable and effective in presenting project deliverables to client management and explaining findings and recommendations outlined in the deliverables
* Must be able to work and manage time independently
* Must have the ability to develop formal reports/deliverables which includes detailing project objectives, scope, methodology, specific findings, support for findings, and recommendations
Other:
* Willingness to travel up to 50-70%
* Must be authorized to work in the United States on a full-time basis
* Experience in multiple programming languages and shell scripting
* Knowledge of Regulatory Requirements and Best Practice Frameworks such as ISO 17799, PCI, GLBA and HIPAA