Vector Command Specialist

• Support Vector Command customers by conducting external attack surface analysis, exposure reconnaissance, account and tool integrations, preparing monthly red team report deliverables, and prioritizing customer requests
• Work daily with Rapid7’s Vector Command Red Team operators, assisting with ongoing red team exercises and staying up to date on the latest vulnerabilities, customer attack surface changes, and exposures within customer environments
• Onboard customers to the Vector Command platform and technologies
• Oversee and ensure the completeness of customer report deliverables
• Serve as the primary point of contact for customer inquiries related to testing operations, alerts, or general Vector Command questions associated with Red Team activities
• Coordinate and host monthly Vector Command Red Team update calls in conjunction with a Rapid7 Red Team lead
• Translate technical concepts and communicate them effectively to non-security personnel
• Coordinate communications between internal Rapid7 services on behalf of customers, including the Managed Detection and Response (MDR) and Managed Vulnerability Management (MVM) teams
• Provide monthly written summaries of each customer’s attack surface and Vector Command Red Team operations
• Analyze each customer’s exposures and attack surface within the Vector Command platform
• Conduct manual network and service reconnaissance to identify new exposures
• Perform Open-Source Intelligence (OSINT) gathering on customers to identify attack surface elements that extend beyond traditional network services
• Keep the Red Team informed of significant changes in customers’ attack surfaces
• Coordinate customer requests and prioritizations with the Red Team operators
• Develop scripts to query and analyze attack surface data from numerous sources and automated systems
• Perform entry level penetration testing activities against external assets, as assigned by the Red Team lead

• 3+ years in an active technical security role
• Excellent written and verbal communication skills
• Previous technical security consulting experience
• Knowledge of modern penetration testing tools and methods
• Knowledge of external attack surface reconnaissance techniques to identify customer’s internet facing exposures
• Strong knowledge of network, web-based application, and IEEE 802.11 security concepts
• Knowledge of Windows/Linux/UNIX internals and the Internet protocol suite
• Experience using scripting languages such as Python and PowerShell
• Experience with social engineering techniques and tactics related to reconnaissance and OSINT gathering
• A Bachelor’s degree in Computer Science, MIS, CIS or a related field, or equivalent experience

Certifications such as GPEN, PJPT, PNPT, CPTS, or OSCP are preferred