Sprocket Security · 2 days ago
Senior Penetration Tester
Wonder how qualified you are to the job?
Insider Connection @Sprocket Security
Responsibilities
Perform web application, network and wireless testing methodologies at scale.
Discover newly exploitable systems across our fleet of clients. It's fun to test that new vulnerability the day it's released!
Build payloads and C2 infrastructure that evades defenses.
Mimic tactics and techniques used by real-world adversaries.
Show impact with post-exploitation activities. Perform occasional point-in-time tests and red team (covert) engagements.
Build and perform social engineering tests at scale using the latest techniques and payloads.
Manage our platform by conducting tasks, write findings, and work with clients to help detect and prevent.
Develop tools and contribute to our automated infrastructure. You'll commonly program in the following languages: Ruby, Python, PowerShell, C# Bash, etc.
Advanced usage of the following tools: Burp Suite Pro, Nessus, Metasploit, CobaltStrike, etc.
Manage project lifecycles and present professionally to clients. Kickoff calls, debriefs, etc.
Work closely with development teams to migrate human-driven tasks into automation.
Work with AWS, Azure, terraform, ansible, and gitlab pipelines.
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
Degree (Graduate or a Senior) in Cybersecurity, Computer Science or Information
Seven or more years of hands-on penetration testing experience
Five or more years on hands-on Web App penetration testing experience
Red team, purple team, and adversary simulation experience
OSCP or equivalent skills-based certification mandatory
Detailed knowledge of identifying and exploiting vulnerabilities in Windows, Linux, and cloud-based systems
Social engineering (physical, phishing, vishing) experience
Programming experience in Ruby, Python, Bash. Bonus (C#, JavaScript, terraform, ansible)
Clear and concise verbal and written skills
United States resident
Preferred
Has industry involvement by contributes research, open-source projects, or public speaking
Experience managing or working with management on security projects and teams. Bonus if CISSP certified
Remote work acceptable
Preferred proximity to Madison, WI
Benefits
Unlimited and mandatory PTO for healthy work/life balance
Company matched 401k
75% company contribution for health insurance for employees and 50% for dependants
100% company contribution for dental and vision
Work whatever schedule works best for you
Hardware and tools of your choice
Support for career development with paid training, conferences, certifications, etc.
Company
Sprocket Security
Sprocket Security provides continuous security testing services.
Funding
Current Stage
Early StageTotal Funding
$8MKey Investors
Blueprint Equity
2024-03-28Series A· $8M
Recent News
2024-04-06
FinSMEs
2024-04-06
Company data provided by crunchbase