CrawlJobs Logo

Penetration tester

rapid7.com Logo

Rapid7

Location Icon

Location:
United Kingdom

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

As a penetration tester on the Global Services team at Rapid7, you will help our clients improve their security posture through your technical skills and knowledge of both offensive and defense strategies. Vector Command is an always-on Red Team operation supporting multiple customers. As part of a specialized team, you will emulate real adversaries by performing large-scale reconnaissance, identifying exposed or high-value assets, and discovering weaknesses that can be leveraged for compromise. After gaining access, the team continues with post-compromise objectives to demonstrate real impact, evade detection, and assess the effectiveness of security controls. This service evaluates far more than vulnerabilities—it tests the customer’s entire security posture and defense-in-depth strategy. In addition to offensive operations, you will support customers through external attack surface analysis, exposure reconnaissance, integration of accounts and tools, preparation of monthly Red Team reports, and prioritization of customer requests. Daily collaboration with Vector Command operators is essential, as is maintaining awareness of new vulnerabilities, shifts in customer attack surfaces, and changes across customer environments.

Job Responsibility:

  • Deliver Rapid7’s Vector Command Continuous Red Teaming service
  • Design social engineering campaigns which function at scale, supporting numerous customers each month, emulating modern adversary TTPs
  • Deploy, configure, and maintain social engineering infrastructure to perform phishing operations at scale
  • Perform manual and automated reconnaissance at scale to identify targets for social engineering operations each month
  • Leverage external network vulnerabilities reported by Vector Command team members in targeted real-world social engineering attacks
  • Research the latest techniques in social engineering and implement them in monthly campaigns
  • Research and test methods to bypass social engineering defenses such as email filters, download restrictions, multi-factor authentication mechanisms, etc
  • Be an expert in sending phishing emails which make it to the client’s inbox
  • Design and execute vishing campaigns
  • Incorporate payloads provided by the Red Team lead into phishing and vishing operations
  • Upon successful credential breach or payload execution, evaluate the impact and coordinate with Vector Command team members for post-compromise breach simulation
  • Collaborate closely with a team of Red Team operators, participating in daily meetings to establish attack objectives and operational direction
  • Develop and maintain positive relationships with clients and understand their business and needs
  • Create additional value for clients through continual insights and consultative advice based on experience with the client, their industry, established standards and leading practices

Requirements:

  • 5+ years in an active technical security role
  • Strong knowledge of Advanced Social engineering techniques and tactics
  • Strong knowledge of Infrastructure management and deployment (domain records, web servers, terraform, ansible, phishing website creation)
  • Strong knowledge of Modern penetration testing tools and methods
  • Strong knowledge of Network, wireless and web application security concepts
  • Experience using interpreted languages (Ruby, Python, PHP, etc.)
  • Knowledge of common regulatory structures and obligations and common I.T. governance
  • Bug Bounty experience, identifying novel vulnerabilities in arbitrary internet-facing attack surfaces
  • Certifications such as OSCP, OSCE, GXPN, OSEE, CREST
  • Experience with Red & Purple Teams
  • Excellent communication skills both with internal and external stakeholders
  • Collaborative mindset, contributing to knowledge sharing and cross training
  • Demonstrates a strong sense of ownership and commitment to the “end-to-end” testing process
  • Core Value Embodiment: Embody our core values to foster a culture of excellence that drives meaningful impact and collective success

Additional Information:

Job Posted:
April 01, 2026

Work Type:
Remote work
Icon
Rapid7 - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Penetration tester

Senior Penetration Tester

As a Penetration Tester, you'll conduct regular, comprehensive security assessme...
Location
Location
Belgium , Brussels
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 5 years' experience in one or more of the following areas: Penetration Tester, Red/Purple Team Member, Security Engineer
  • Knowledge of technologies up to system level (web frameworks, communications protocols, database systems)
  • Offensive security knowledge of cyber-attack techniques, vulnerabilities, and mitigation strategies
  • Knowledge of penetration testing tools, frameworks, and methodology
  • Skills using Kali Linux, Nmap, PowerShell, Metasploit, Cobalt Strike, OWASP ZAP, Burp Suite
  • Proficiency in scripting
  • Awareness of frameworks such as MITRE ATT&CK and NIST and how they can be applied effectively within an enterprise
  • Familiarity with the latest exploits, tactics, techniques, and procedures (TTP), vulnerability remediation and security trends
  • Cyber security qualifications from Offensive Security, SANS, Pentester Academy, CREST, eLearnSecurity or others
Job Responsibility
Job Responsibility
  • Scoping and executing of complex penetrations test across a wide scope of technologies, products, services, and applications and critical infrastructure companies
  • Helping the team to define and improve the internal security testing programme
  • Documenting technical issues both Cyber and IT related during testing assessments
  • Improve our monitoring services by working in purple style exercises and operating in a red team capacity to improve the ability to detect and respond to threats
  • Supporting incident response by providing context and expertise around cyber threats
  • Mentor to our junior & medior colleagues
What we offer
What we offer
  • Extensive career development opportunities, both local and international
  • Part of a dynamic network of 56,000 professionals at all stages of their careers
  • Wide array of offices to explore
  • Fulltime
Read More
Arrow Right

Application Penetration Tester

We are looking for security engineer who loves solving interesting problems and ...
Location
Location
Poland , Warszawa
Salary
Salary:
Not provided
https://www.bosch.pl/ Logo
Robert Bosch Sp. z o.o.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum 5 years of combined experience in penetration testing and security engineering roles
  • Professional certifications such as OSCP, CEH, CISSP, CISM, or equivalent
  • Advanced level of understanding of OWASP Top 10, CVE, general security controls, and other foundational topics such as the latest web application system exploits
  • Attacker mindset for breaking the websites with practical knowledge of OWASP
  • Commanding knowledge of VAPT concepts and best practices, including the requirements for WhiteHat/ethical hacking
  • Expert understanding of the difference between a vulnerability assessment and a penetration test in the context of assessment scope, objectives, and deliverables
  • In depth experience with common automated VAPT tools such as Nessus, Burp Suite
  • Proficiency with other common attack tools and frameworks such as Wireshark, Kali, Metasploit, etc.
  • Working knowledge of DevSecOps, CIS Security benchmarks, scripting languages (Python, PowerShell, Bash) for automation
  • Fluent English (both verbal and written)
Job Responsibility
Job Responsibility
  • Black-box and Grey Box penetration test applications
  • Security testing including reverse engineering of Mobile applications (Android and iOS)
  • Create innovative attacks tools/automations for project specific needs
  • Communicate complex vulnerability results to technical and non-technical audience
  • Perform research and contribute to open-source community on new attack methodology, vulnerability findings
  • Scope penetration tests and contribute to penetration test project management
What we offer
What we offer
  • Competitive salary + annual bonus
  • Hybrid work with flexible working hours
  • Referral Bonus Program
  • Copyright costs for IT employees
  • Private medical care and life insurance
  • Cafeteria System with multiple benefits (incl. MultiSport, shopping vouchers, cinema tickets, etc.)
  • Prepaid Lunch Card
  • Number of benefits for families (for instance summer camps for kids)
  • Non-working day on the 31st of December
  • Fulltime
Read More
Arrow Right

Senior Penetration Tester

A senior penetration tester's main responsibility is to execute highly complex a...
Location
Location
Belgium , Olen
Salary
Salary:
Not provided
belden.com Logo
Belden, Inc
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of hands-on experience in penetration testing, red teaming, or a related offensive security role
  • Relevant industry certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), or GIAC certifications (e.g., GPEN, GWAPT)
  • Proficiency in at least one scripting language (e.g., Python, Ruby, PowerShell) for automating tasks and developing custom tools
  • Deep knowledge of Windows and Linux/Unix operating systems
  • Strong understanding of TCP/IP, network protocols, and common network services
  • Extensive experience with common web vulnerabilities (e.g., OWASP Top 10) and familiarity with various web application frameworks
  • Experience with penetration testing in at least one major cloud provider (e.g., AWS, Azure)
  • Excellent written and verbal communication skills
  • Strong problem-solving and analytical abilities
  • Ability to work independently and as part of a team
Job Responsibility
Job Responsibility
  • Executing Advanced Penetration Tests: conduct in-depth security assessments on complex systems, including web applications, cloud environments, networks, and mobile applications
  • Developing Custom Tools and Exploits: develop own scripts and exploits to bypass sophisticated security controls and find zero-day vulnerabilities
  • Technical Mentorship: Guiding and mentoring junior and mid-level testers
  • Reporting and Communication: writing detailed technical reports that clearly outline vulnerabilities, their potential impact, and actionable recommendations for remediation
  • Staying Current: continuously research new threats, attack vectors, and security technologies
Read More
Arrow Right

Principal Penetration Tester

Sopra Steria Benelux is a significant player in cybersecurity, offering various ...
Location
Location
Czech Republic , Prague 7
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • more than 10 years of experience
  • strong understanding of low-level network concepts
  • Linux systems (RedHat)
  • security protocols
  • proven track record in penetration testing
  • hands-on experience with tools like Scapy and Bettercap
  • proficiency in Python or C++ for automating tasks and developing custom tools
  • ability to manage multiple projects
  • prioritize tasks
  • ability to properly collect evidence in correlation with the related pentest step
  • Fulltime
Read More
Arrow Right

Senior Penetration Tester

The role involves conducting deep-dive vulnerability assessments on a variety of...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree with a minimum of 5 years of experience
  • Expertise in Java, JavaScript (React, Node.js), .NET (ASP.NET, C#, Webflow, MVC, WebAPI), Application Infrastructure (Web/Application Servers, Databases, Middleware Components), and Cloud Computing (Google Cloud Platform, AWS, Azure)
  • Expertise in application security, ethical hacking using security tools (Burp Suite, AppScan), knowledge of OWASP Top 10, CWE/SANS Top 25, Threat Modeling
  • Industry-accredited security certifications such as GIAC GWAPT, GPEN, GXPN, OSCP and/or CISSP
Job Responsibility
Job Responsibility
  • Act as a subject matter expert in offensive information security
  • Drive remediation by outlining a defense-in-depth approach
  • Report and articulate vulnerability assessment results
  • Contribute to the review of internal processes and activities
  • Fulltime
Read More
Arrow Right

Principal Security Engineer

We’re looking for a principal Security Testing Engineer to work closely with the...
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years penetration testing experience in a consultancy, dedicated internal pentesting team, or similar offensive security function
  • 2+ years experience as an offensive security team lead
  • Strong experience in white-box application security testing
  • Full stack application security technical experience
  • Delivery focused
  • Experience mentoring junior penetration testers
  • The ability to complete a penetration test and code review of a modern cloud application
  • Experience leading security teams on complex penetration testing engagements
  • Strong, practical understanding of security testing methodologies, supporting infrastructure requirements and legal considerations
  • Strong collaboration and communication skills when working with closely with deeply technical development and infrastructure teams
Job Responsibility
Job Responsibility
  • Providing SME knowledge and guidance to a team of pen testers/code review
  • Continuing to mature pen testing/code review workflows
  • Identifying and recruiting top-class penetration testing talent
  • Supporting and guiding the growth of a India based penetration testing team
  • Analysing vulnerability data for trends and gaps in controls
  • Identifying significant vulnerabilities in Atlassian products prior to production deployment
  • Building contacts in the Atlassian engineering team, product team and security team
  • Building and leveraging existing contacts to identify potential talent to join the team
  • Establishing testing processes in the local team that complements and extends existing processes
  • Identifying insights which contribute to strategic investments
What we offer
What we offer
  • health and wellbeing resources
  • paid volunteer days
  • Fulltime
Read More
Arrow Right

Test Analyst / Senior Test Analyst - Penetration Testing

We are seeking a talented and motivated Application Penetration Tester to join o...
Location
Location
India , Mumbai
Salary
Salary:
Not provided
necsws.com Logo
NEC Software Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience using a formal application penetration testing methodology such as Open-Source Security Testing Methodology Manual (OSSTMM) or Penetration Testing Execution Standard (PTES)
  • Experience using Kali Linux including bundled penetration testing tools (Nmap, Wireshark, OWASP ZAP, Sqlmap, Metasploit)
  • Experience using Burp Suite for application penetration testing
  • Knowledge of scripting and programming languages (e.g., Python, Ruby, Bash, Powershell) for custom tool development and automation
  • Familiarity with various operating systems and network structures, including client/server, Unix/Linux systems, Mac OS X, VMware/Xen, Virtual Box and cloud technologies such as AWS, Azure, or Google Cloud and Active Directory
  • Understanding of common application issues and remediation techniques, OWASP Top 10
  • Understanding of secure development practices within a secure software development lifecycle, experience of Waterfall, Agile and DevOps / DevSecOps practices
  • Hold at least one recognised application penetration testing certification, e.g. Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), GIAC Penetration Tester (GPEN), GIAC Web Application Penetration Tester (GWAPT), CompTIA PenTest+
  • Can produce high quality documentation including test reports and best practice guidance
  • Good Interpersonal, written and verbal communication skills
Job Responsibility
Job Responsibility
  • Plan and execute penetration testing engagements for web applications, APIs, mobile applications, thick clients, infrastructure and cloud penetration testing
  • Identify and exploit vulnerabilities in applications using manual and automated testing techniques
  • Document findings in detail, including proof-of-concept exploits and recommendations for remediation and report writing skills
  • Collaborate with development and security teams to remediate vulnerabilities and improve application security
  • Stay up-to-date on the latest hacking techniques, vulnerabilities, and security tools
  • Participate in security code reviews and provide guidance on secure coding practices
  • May assist with developing and maintaining internal security tools and processes
  • Fulltime
Read More
Arrow Right

Penetration Tester

Translation Empire is seeking a PEN Tester – Crest Registered (CRT) to join our ...
Location
Location
Pakistan , Islamabad
Salary
Salary:
Not provided
translation-empire.pk Logo
Translation Empire
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Cybersecurity, Computer Science, Information Security, or a related field (or equivalent experience)
  • Must have CREST Registered Penetration Tester (CRT) or higher certification (e.g., CCT INF, CCT APP)
  • Proven experience in conducting penetration tests across various platforms
  • Strong knowledge of OWASP Top 10, NIST, MITRE ATT&CK, and common exploitation frameworks (e.g., Metasploit, Burp Suite, Cobalt Strike)
  • Proficient in scripting or coding languages such as Python, PowerShell, or Bash
  • Experience with both manual and automated testing techniques
  • Familiarity with reporting tools and formats used in regulated industries
  • Excellent communication and documentation skills
Job Responsibility
Job Responsibility
  • Plan, execute, and report on penetration tests against web applications, network, infrastructure, and databases
  • Identify and exploit security vulnerabilities to assess the risk to the business
  • Produce high-quality technical reports and executive summaries
  • Collaborate with internal stakeholders to validate findings and recommend mitigation strategies
  • Stay up to date with the latest security threats, vulnerabilities, and attack techniques
  • Support security awareness initiatives and contribute to internal security improvements
  • Provide mentorship to junior testers or team members where applicable
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog Salaries About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy