Sprocket Security
Sprocket Security is an expert-driven offensive security platform specializing in continuous security testing, penetration testing, and adversary simulations. The company focuses on providing year-round protection through persistent testing and control validation against real-world threat actors. Sprocket Security works with industries such as manufacturing, finance, banking, and insurance to strengthen security postures by identifying potential attack paths and uncovering vulnerabilities in systems through their attack surface management services. They offer a range of testing services including social engineering and web application testing to detect vulnerabilities. By integrating automation and expert penetration testers, Sprocket Security provides a comprehensive solution for monitoring and securing IT assets continuously.
Penetration Testing • Continuous Penetration Testing • PTaaS
Senior Penetration Tester
June 3, 2024
Sprocket Security
Sprocket Security is an expert-driven offensive security platform specializing in continuous security testing, penetration testing, and adversary simulations. The company focuses on providing year-round protection through persistent testing and control validation against real-world threat actors. Sprocket Security works with industries such as manufacturing, finance, banking, and insurance to strengthen security postures by identifying potential attack paths and uncovering vulnerabilities in systems through their attack surface management services. They offer a range of testing services including social engineering and web application testing to detect vulnerabilities. By integrating automation and expert penetration testers, Sprocket Security provides a comprehensive solution for monitoring and securing IT assets continuously.
Penetration Testing • Continuous Penetration Testing • PTaaS
📋 Description
• Perform network, web application, and wireless testing methodologies at scale • Discover newly exploitable systems across our fleet of clients. It's fun to test that new vulnerability the day it's released! • Build payloads and C2 infrastructure that evades defenses • Mimic tactics and techniques used by real-world adversaries • Show impact with post-exploitation activities. Perform occasional point-in-time tests and red team (covert) engagements • Build and perform social engineering tests at scale using the latest techniques and payloads • Manage our platform by conducting tasks, write findings, and work with clients to help detect and prevent • Develop tools and contribute to our automated infrastructure. You'll commonly program in the following languages: Ruby, Python, PowerShell, C# Bash, etc • Advanced usage of the following tools: Burp Suite Pro, Nessus, Metasploit, CobaltStrike, etc • Manage project lifecycles and present professionally to clients. Kickoff calls, debriefs, etc • Work closely with development teams to migrate human-driven tasks into automation • Work with AWS, Azure, terraform, ansible, and gitlab pipelines
🎯 Requirements
• Degree (Graduate or a Senior) in Cybersecurity, Computer Science or Information • Four or more years of hands-on penetration testing experience • Red team, purple team, and adversary simulation experience • OSCP or equivalent skills-based certification mandatory • Detailed knowledge of identifying and exploiting vulnerabilities in Windows, Linux, and cloud -based systems • Social engineering (physical, phishing, vishing) experience • Programming experience in Ruby, Python, Bash. Bonus (C#, JavaScript, terraform, ansible) • Clear and concise verbal and written skills • United States resident
🏖️ Benefits
• Unlimited and mandatory PTO for healthy work/life balance • Company matched 401k (immediate eligibility, no one should have to wait to start saving) • 75% company contribution for health insurance for employees and 50% for dependants • 100% company contribution for dental and vision • Work whatever schedule works best for you. We care about results, not 9-5 • Hardware and tools of your choice • Support for your career development with paid training, conferences, certifications, etc.
Apply NowDiscover 100,000+ Remote Jobs!
Wall of Love
Frequently asked questions
We use powerful scraping tech to scan the internet for thousands of remote jobs daily. It operates 24/7 and costs us to operate, so we charge for access to keep the site running.
Of course! You can cancel your subscription at any time with no hidden fees or penalties. Once canceled, you’ll still have access until the end of your current billing period.
Other job boards only have jobs from companies that pay to post. This means that you miss out on jobs from companies that don't want to pay. On the other hand, Remote Rocketship scrapes the internet for jobs and doesn't accept payments from companies. This means we have thousands more jobs!
New jobs are constantly being posted. We check each company website every day to ensure we have the most up-to-date job listings.
Yes! We’re always looking to expand our listings and appreciate any suggestions from our community. Just send an email to Lior@remoterocketship.com. I read every request.
Remote Rocketship is a solo project by me, Lior Neu-ner. I built this website for my wife when she was looking for a job! She was having a hard time finding remote jobs, so I decided to build her a tool that would search the internet for her.