Topic created on: April 8, 2009 12:26 CDT by aeppert.
Job Title: Info Sec Engineer
Position based in: El Segundo, CA
Rapid7 provides network security software and related research. We develop NeXpose, a unified vulnerability management solution that is primarily sold to large companies and government agencies as a standalone Linux/Windows application or as a pre-configured appliance.
The Vulnerability R&D Team is responsible for the core feature of NeXpose: its ability to scan hosts and networks to remotely detect all kinds of security vulnerabilities, e.g.: remote arbitrary code execution, weak SSH password, unapplied security update, world-readable /etc/shadow, authentication bypass, infection by well-known backdoor, predictable TCP ISN, insecure configuration of a network server, XSS on a web page, obsolete operating system version, SQL injection, directory traversal in an FTP server, JSP source code disclosure, memory exhaustion denial of service in an RPC service, unused built-in account not disabled, privilege escalation, etc.
Rapid7 is looking for a Software Engineer to become part of this Vulnerability R&D Team. Requirements:
o Minimum 2+ years of professional software development experience, preferably in an IT security field.
o Demonstrated interests in the computer and network security field, low-level and internals aspects of technologies, and vulnerability research and exploitation.
o Excellent coding skills in Java, C, or C++.
o Perl, Python, shell scripting, Jess (Java expert system shell) a plus.
o Good foundation in networking, have developed networking code, knowledge of the design of at least some common network protocols (IP, TCP, UDP, ICMP, HTTP, FTP, etc).
o Experience in a Unix/Linux environment.
o Ability to understand technical subjects and technologies you might not be familiar with.
o Experience in working in a team of 5-10 developers on a medium-to-large-scale project (100k-1M lines of code) a plus.
o Skills in resource organization, project/task prioritization and schedule development.
Please contact Marc Bevand <marc_bevand at rapid7.com>