GrepJob
Sprocket Security

Penetration Tester

Sprocket Security
Apply
3 months ago
Remote, WorldwideMid Level / Senior

Responsibilities

  • Perform web application testing using established and self-created methodologies.
  • Conduct network and wireless testing methodologies at scale.
  • Discover newly exploitable systems across client fleets.
  • Build payloads and C2 infrastructure that evade defenses.
  • Mimic tactics and techniques used by real-world adversaries.
  • Show impact with post-exploitation activities.
  • Manage the platform by conducting tasks, writing findings, and collaborating with clients.
  • Build scripts, tooling, or templates to improve testing efficiency.
  • Utilize advanced tools like Burp Suite Pro, Nessus, and Metasploit.
  • Manage project lifecycles and present findings to clients.
  • Work closely with development teams to automate human-driven tasks.
  • Engage with AWS, Azure, terraform, ansible, and gitlab pipelines.

Requirements

  • Three or more years of hands-on penetration testing experience.
  • One or more years of hands-on web application penetration testing experience.
  • Detailed knowledge of identifying and exploiting vulnerabilities in Windows, Linux, and cloud-based systems.
  • Programming experience in Ruby, Python, and Bash; bonus for C#, JavaScript, terraform, ansible.
  • One publicly available contribution to the security community.
  • Clear and concise verbal and written communication skills.
  • Must be a United States resident.
  • OSCP or equivalent skills-based certification is mandatory or must be obtained within 12 months.
  • Adversary Simulation experience is preferred.
  • Experience managing or working with management on security projects and teams is a bonus.

Benefits

  • Unlimited and mandatory PTO for a healthy work/life balance.
  • Company matched 401k with immediate eligibility.
  • 75% company contribution for health insurance for employees and 50% for dependents.
  • 100% company contribution for dental and vision insurance.
  • Flexible work schedule focused on results rather than fixed hours.
  • Choice of hardware and tools.
  • Support for career development with paid training, conferences, and certifications.

Tech Stack

AnsibleAWSAzureBashC#JavaScriptPowerShellPythonRubyTerraform

Categories