×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer

Penetration Tester, Vector Command, Social Engineering Specialist

Job in Belfast, County Antrim, BT1, Northern Ireland, UK
Listing for: Divvy Cloud Corp.
Full Time position
Listed on 2026-01-16
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer
  • Engineering
    Cybersecurity, Systems Engineer
Salary/Wage Range or Industry Benchmark: 60000 - 80000 GBP Yearly GBP 60000.00 80000.00 YEAR
Job Description & How to Apply Below

Do you enjoy attacking networks? Do you enjoy sifting through large amounts of attack surface, crafting novel attack chains to breach a client’s perimeter, gaining initial access, laterally moving, and demonstrating impact, all while evading security teams and their controls? As a penetration tester on the Global Services team at Rapid7, you will help our clients improve their security posture through your technical skills and knowledge of both offensive and defense strategies.

About the Team

Vector Command is an always-on Red Team operation supporting multiple customers. As part of a specialized team, you will emulate real adversaries by performing large-scale reconnaissance, identifying exposed or high-value assets, and discovering weaknesses that can be leveraged for compromise. After gaining access, the team continues with post-compromise objectives to demonstrate real impact, evade detection, and assess the effectiveness of security controls.

This service evaluates far more than vulnerabilities—it tests the customer’s entire security posture and defense-in-depth strategy.

In addition to offensive operations, you will support customers through external attack surface analysis, exposure reconnaissance, integration of accounts and tools, preparation of monthly Red Team reports, and prioritization of customer requests. Daily collaboration with Vector Command operators is essential, as is maintaining awareness of new vulnerabilities, shifts in customer attack surfaces, and changes across customer environments.

About the Role

Your primary responsibility is to deliver Rapid7’s Vector Command Continuous Red Teaming service. In this role, you will design social engineering campaigns which function at scale, supporting numerous customers each month, emulating modern adversary TTPs. These campaigns focus on initial access, not click rates, and are often combined with external vulnerabilities or misconfigurations to demonstrate real-world impact. Specifically, your focus will be to:

  • Deploy, configure, and maintain social engineering infrastructure to perform phishing operations at scale.

  • Perform manual and automated reconnaissance at scale to identify targets for social engineering operations each month.

  • Leverage external network vulnerabilities reported by Vector Command team members in targeted real-world social engineering attacks (incorporate subdomain takeovers, cross-site scripting, etc. into campaigns).

  • Research the latest techniques in social engineering and implement them in monthly campaigns.

  • Research and test methods to bypass social engineering defenses such as email filters, download restrictions, multi-factor authentication mechanisms, etc. Be an expert in sending phishing emails which make it to the client’s inbox.

  • Design and execute vishing campaigns.

  • Incorporate payloads provided by the Red Team lead into phishing and vishing operations.

  • Upon successful credential breach or payload execution, evaluate the impact and coordinate with Vector Command team members for post-compromise breach simulation.

  • Collaborate closely with a team of Red Team operators, participating in daily meetings to establish attack objectives and operational direction.

  • Develop and maintain positive relationships with clients and understand their business and needs.

  • Create additional value for clients through continual insights and consultative advice based on experience with the client, their industry, established standards and leading practices

The skills and qualities you’ll bring include:

  • 5+ years in an active technical security role

  • Strong knowledge of the following:

    • Advanced Social engineering techniques and tactics

    • Infrastructure management and deployment (domain records, web servers, terraform, ansible, phishing website creation).

    • Modern penetration testing tools and methods

    • Network, wireless and web application security concepts

  • Experience using interpreted languages (Ruby, Python, PHP, etc.)

  • Knowledge of common regulatory structures and obligations and common I.T. governance.

  • Bug Bounty experience, identifying novel vulnerabilities in arbitrary internet-facing attack surfaces

  • Certifications such as OSCP, OSCE, GXPN, OSEE,…

Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search