After the incredible success of the Metasploit Express and Metasploit Pro product launches last year, we are happy to announce a new position on the Rapid7 Metasploit team. Effective immediately, we are seeking a self-driven Exploit Engineer to join the team of full-time Metasploit developers.
Job duties include researching vulnerabilities and writing exploit code in the form of Metasploit modules (Ruby). Exploit modules will be released to the public under the BSD open source license.
The ideal candidate will primarily work from home, but will meet with team members approximately once a week in Austin, TX. However, exceptions may be made for the perfect candidate. Candidates must have the right to work in the United States.
- Competitive salary and bonus plan
- Health care and medical benefits
- Paid to contribute to an open-source project
- Exploits publicly released under BSD license
A candidate must have a solid understanding of:
- Common vulnerability classes
- State-of-the-art exploitation techniques
- Programming in Ruby, C, C , and x86 assembly
- Common networking protocols (TCP/IP and related protocols)
- Network and system administation of a lab environment
- Using debuggers and disassemblers (WinDbg, IDA Pro)
- Binary patch diffing (BinDiff or otherwise)
- Common operating system implementations (Windows, Linux, etc)
In addition to the requirements, we prefer candidates who have experience:
- Developing exploits using the Metasploit Framework
- Reverse engineering compiled applications
- SMT/SAT solvers
- Various run-time analysis techniques
- Dynamic Binary Instrumentation/Translation
- Programming in other assembly languages, such as ARM, PPC, SPARC, MIPS
- Embedded device research and exploitation
All interested parties should email their resumes to jobs[at]metasploit.com.