Full-Time

Senior Penetration Tester

Confirmed live in the last 24 hours

Sprocket Security

Sprocket Security

11-50 employees

Continuous penetration testing and risk monitoring

Cybersecurity

Senior, Expert

Remote in USA

Preferred proximity to Madison, WI.

Category
Cybersecurity
IT & Security
Required Skills
Bash
Microsoft Azure
Python
JavaScript
Ruby
C#
AWS
Terraform
Ansible
Linux/Unix
Requirements
  • Seven or more years of hands-on penetration testing experience.
  • Five or more years on hands-on Web App penetration testing experience.
  • Adversary Simulation experience.
  • Detailed knowledge of identifying and exploiting vulnerabilities in Windows, Linux, and cloud -based systems.
  • Programming experience in Ruby, Python, Bash. Bonus (C#, JavaScript, terraform, ansible).
  • Clear and concise verbal and written skills.
  • United States resident.
  • OSCP or equivalent skills-based certification mandatory, or will need to obtain within 12 months of employment.
  • Has industry involvement by contributes research, open-source projects, or public speaking.
  • Experience managing or working with management on security projects and teams. Bonus if CISSP certified.
Responsibilities
  • Perform web application testing methodologies at scale.
  • Perform network and wireless testing methodologies at scale from time to time.
  • Discover newly exploitable systems across our fleet of clients. It's fun to test that new vulnerability the day it's released!
  • Build payloads and C2 infrastructure that evades defenses.
  • Mimic tactics and techniques used by real-world adversaries.
  • Show impact with post-exploitation activities.
  • Manage our platform by conducting tasks, write findings, and work with clients to help detect and prevent.
  • Develop tools and contribute to our automated infrastructure. You'll commonly program in the following languages: Ruby, Python, PowerShell, C# Bash, etc.
  • Advanced usage of the following tools: Burp Suite Pro, Nessus, Metasploit, CobaltStrike, etc.
  • Manage project lifecycles and present professionally to clients. Kickoff calls, debriefs, etc.
  • Work closely with development teams to migrate human-driven tasks into automation.
  • Work with AWS, Azure, terraform, ansible, and gitlab pipelines.

Sprocket Security focuses on continuous penetration testing to help businesses improve their cybersecurity. Their services include real-time risk monitoring and remediation, which means they constantly check for vulnerabilities and help fix them. Sprocket Security uses a combination of human experts and automated systems to provide thorough security testing. Unlike many competitors, they offer year-round protection through ongoing assessments and simulations of potential attacks. Their goal is to help clients proactively manage their security risks and develop strong defense strategies.

Company Stage

Series A

Total Funding

$7.8M

Headquarters

Madison, Wisconsin

Founded

2017

Growth & Insights
Headcount

6 month growth

10%

1 year growth

220%

2 year growth

255%
Simplify Jobs

Simplify's Take

What believers are saying

  • Growing demand for continuous penetration testing boosts Sprocket Security's market potential.
  • Hybrid security solutions align with industry trends, enhancing Sprocket's competitive edge.
  • Recent $8M Series A financing indicates strong market confidence in Sprocket Security.

What critics are saying

  • Emerging startups offering similar services could dilute Sprocket Security's market share.
  • AI-driven hacking tools may challenge Sprocket's current testing methodologies.
  • Cybersecurity talent shortage could impact Sprocket's ability to scale human expertise.

What makes Sprocket Security unique

  • Sprocket Security offers continuous penetration testing with real-time risk monitoring.
  • The company combines human expertise with automated systems for comprehensive security solutions.
  • Year-round protection through adversary simulations and attack surface management is a unique offering.

Help us improve and share your feedback! Did you find this helpful?