Submit a job posting: https://goo.gl/forms/QgbCdh6rVu6rfjJz1
Disclaimer: These job listings are generally provided by our users and are not legally binding. Please discuss all employment details with the company you're applying to. Thanks!
June 22, 2017
@abatchy on the slack
SECURITY SOFTWARE ENGINEER
Vancouver or Redmond
Do not apply here if interested, instead contact @abatchy
Desired Education / Certifications:
BS in Computer Science or equivalent experience.
Remote Work / Travel:
June 13, 2017
@Kalabaster on slack
Alexandria, VA or Belfast, Ireland
Work in Rapid7 Managed Detection and Response SOC, a 24/7 SOC with flexible hours with general shift work. This is a threat hunting and incident response role, with a monitoring component. This is a 15% network-based and 85% host-based shop. Be familiar with, or willing to learn about, using host-based forensic artifacts. Beers in the office fridge, nerf guns, weekly voluntary training sessions on voted topics, and the chance to chill with some of the smartest misfits in the biz (and also me). Ignore the garbage on the posted ad, these are the things that matter: Can you speak to how you can catch bad guys? If someone finds malware on a system, can you do something with it that isn't just "look it up on VirusTotal and see if it's bad by its score" (i.e. find out how it got there and what it did using filesystem, memory, network forensics)? If I gave you a malicious PDF, how could you figure out how to see if it's bad (using Google, etc.)? How can you prove evidence of execution on a file system? What's shimcache and why is it useful? What are different ways malware can establish persistence? Can you code in Python, Go, or Angular.js? If I gave you a 2 GB CSV of log data, can you do something useful with the data inside it, other than cry uncontrollably? If you don't know the answer to these things, would you be able to learn it quickly if I gave you recommended reading on the subject? Have you read and can you speak to any of these books: "Incident Response and Computer Forensics, Third Edition", "Practical Malware Analysis", "The Art of Memory Forensics"?
25-40k (Belfast), 90k-130k (Alexandria) + 10% bonus (can go higher based off performance). Base salary in DC can go deep into 6 figures, but you have to actually know your shit for that.
Desired Education / Certifications:
None required, SANS/GIAC is preferred
Remote Work / Travel:
Flexible WFH hybrid