Penetration Tester, Vector Command, Social Engineering Specialist

Do you enjoy attacking networks? Do you enjoy sifting through large amounts of attack surface, crafting novel attack chains to breach a client’s perimeter, gaining initial access, laterally moving, and demonstrating impact, all while evading security teams and their controls? As a penetration tester on the Global Services team at Rapid7, you will help our clients improve their security posture through your technical skills and knowledge of both offensive and defence strategies.

About the Team

Vector Command is an always-on Red Team operation supporting multiple customers. As part of a specialized team, you will emulate real adversaries by performing large-scale reconnaissance, identifying exposed or high-value assets, and discovering weaknesses that can be leveraged for compromise. After gaining access, the team continues with post-compromise objectives to demonstrate real impact, evade detection, and assess the effectiveness of security controls. This service evaluates far more than vulnerabilities—it tests the customer’s entire security posture and defence-in-depth strategy. In addition to offensive operations, you will support customers through external attack surface analysis, exposure reconnaissance, integration of accounts and tools, preparation of monthly Red Team reports, and prioritization of customer requests. Daily collaboration with Vector Command operators is essential, as is maintaining awareness of new vulnerabilities, shifts in customer attack surfaces, and changes across customer environments.

About the Role

Your primary responsibility is to deliver Rapid7’s Vector Command Continuous Red Teaming service. In this role, you will design social engineering campaigns which function at scale, supporting numerous customers each month, emulating modern adversary TTPs. These campaigns focus on initial access, not click rates, and are often combined with external vulnerabilities or misconfigurations to demonstrate real-world impact. Specifically, your focus will be to:

• Deploy, configure, and maintain social engineering infrastructure to perform phishing operations at scale.
• Perform manual and automated reconnaissance at scale to identify targets for social engineering operations each month.
• Leverage external network vulnerabilities reported by Vector Command team members in targeted real-world social engineering attacks (incorporate subdomain takeovers, cross-site scripting, etc. into campaigns).
• Research the latest techniques in social engineering and implement them in monthly campaigns.
• Research and test methods to bypass social engineering defenses such as email filters, download restrictions, multi-factor authentication mechanisms, etc.
• Be an expert in sending phishing emails which make it to the client’s inbox.
• Design and execute vishing campaigns.
• Incorporate payloads provided by the Red Team lead into phishing and vishing operations.
• Upon successful credential breach or payload execution, evaluate the impact and coordinate with Vector Command team members for post-compromise breach simulation.
• Collaborate closely with a team of Red Team operators, participating in daily meetings to establish attack objectives and operational direction.
• Develop and maintain positive relationships with clients and understand their business and needs.
• Create additional value for clients through continual insights and consultative advice based on experience with the client, their industry, established standards and leading practices.

The skills and qualities you’ll bring include:

• 5+ years in an active technical security role
• Strong knowledge of the following:
• Advanced Social engineering techniques and tactics
• Infrastructure management and deployment (domain records, web servers, terraform, ansible, phishing website creation).
• Modern penetration testing tools and methods
• Network, wireless and web application security concepts
• Experience using interpreted languages (Ruby, Python, PHP, etc.)
• Knowledge of common regulatory structures and obligations and common I.T. governance.
• Bug Bounty experience, identifying novel vulnerabilities in arbitrary internet-facing attack surfaces
• Certifications such as OSCP, OSCE, GXPN, OSEE, CREST