Lead Software Engineer - Metasploit



Software Engineering
Prague, Czechia
Posted on Wednesday, October 18, 2023

Rapid7’s Metasploit team is building the future of the world’s best-known software exploitation framework, working with the open-source community to help organizations around the world test their defenses and expose cybersecurity risk. We’re looking for a lead engineer to help us maintain and improve Metasploit Framework and Metasploit Pro in collaboration with our global user community.

About the Team​
Metasploit is the world’s most popular open-source hacker toolkit. At Rapid7, a distributed team of security researchers and software engineers works with the open-source community to incorporate fresh features, enhancements, and fixes into Metasploit. The Metasploit commercial engineering team also ensures the stability and optimization of our product pipeline, from automated testing and dependency management all the way through new customer-facing enhancements.

Metasploit and its related projects are built with Ruby and Ruby on Rails, but Metasploit also incorporates many other languages. You can fit so many exploits in this thing.

About the Role

As a lead engineer, you’ll mentor and grow more junior developers in addition to writing (or removing!) code yourself. You’ll help the team work toward sprint goals on a day-to-day basis and bring strong engineering principles to bear on projects from architecture through implementation.

In this role, you will:

  • Work asynchronously with researchers, engineers, and community members worldwide

  • Develop new features and enhancements, build integrations, and deliver intuitive capabilities that delight and inspire Metasploit users

  • Assess, improve, and document community-contributed code to extend Metasploit functionality in a usable, maintainable way

  • Partner with our product manager and principal engineer to prioritize work, plan sprints, and ensure commitments are met

  • Suggest features and enhancements for Metasploit’s long-term roadmap based on your understanding of user and developer needs

  • Implement and improve automated testing across a wide range of scenarios

The skills you’ll bring include:

  • Ability to learn and evaluate new technologies quickly, digging into code to find answers. You’re comfortable with experimentation and uncertainty; not everything is spelled out, but everything is discoverable!

  • Interest in or experience with offensive security technologies and use cases.

  • Readiness to mentor and develop junior engineers, leading with empathy and strong user focus.

  • Ruby and Ruby on Rails. Ruby doesn’t necessarily need to be your primary language, but it helps to be able to understand and extend the techniques that Metasploit embodies.

  • Conversant in Git-based project development. You can review, merge, and rebase expertly, and can coach others on Git as needed.

  • Understanding of APIs, modern languages (e.g., Python, Ruby, Go), interprocess communication, and modern networking and deployment tooling (e.g., Kubernetes, AWS, Vagrant, Docker)

We know that the best ideas and solutions come from multi-dimensional teams. That’s because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don’t be shy — apply today.

About Rapid7​
Rapid7 is creating a more secure digital future for all by helping organizations strengthen their security programs in the face of accelerating digital transformation. Our portfolio of best-in-class solutions empowers security professionals to manage risk and eliminate threats across the entire threat landscape from apps to the cloud to traditional infrastructure to the dark web. We foster open source communities and cutting-edge research–using these insights to optimize our products and arm the global security community with the latest in attackers methods. Trusted by more than 10,000 customers worldwide, our industry-leading solutions and services help businesses stay ahead of attackers, ahead of the competition, and future-ready for what’s next.