Skyrocket Ventures is a recruiting firm for hundreds of high growth technology companies that range from industry leaders to top-tier startups. This opportunity is with one of our client companies for a full-time permanent hire. Please only apply if you are authorized to work in the U.S.
Please note that even if this job is not a perfect match, we encourage you to apply as long as it is in the ballpark. Companies are often flexible in hiring candidates who do not perfectly fit their written job description, as long as the most important qualifications are there and the candidate is good in general.
Most of the jobs we are recruiting for are not posted online, so if you would like to know of all the opportunities we have that match your interests and qualifications, then please get in touch with us.
The company's product is in the realms of edge computing and PaaS. It has raised a large round of funding from top investors. It has about 80 employees and 60 engineers, and is rapidly growing.
The company is seeking someone who is passionate about identifying security vulnerabilities in designs. You will work on continuously improving the security of the company's platform, which is used to deploy global, scalable and secure applications. You will work on understanding the architecture and implementations of the platform, building tools to identify vulnerabilities, providing example exploitation code/steps, recommending mitigation strategies, and performing verification of mitigation.
- Collaborating with the company's architects, operations, and business leaders to understand the attack surface areas, prioritize assessment areas based on threat level, document test plans, design testing solutions, and implement them to provide strong security to the platform.
- Conducting vulnerability assessments at the Web, Network, Container, and System levels using tools (such as Burp Suite, Cobalt Strike, Empire, Metasploit, Nessus, Nexpose, nmap, etc.) as well as manual techniques. Writing your own tools and automation scripts for repeated testing.
- Doing hands-on coding in multiple languages while considering performance, maintainability, scalability and flexibility
- Staying abreast of industry best practices around Web Application Security, System security, Container Security, etc. and making them part of your recommendations.
- Making use of existing monitoring and alerting systems and/or building tools to alert on anomalies in system behavior.
- Demonstrating technical leadership in your domain areas; mentoring non-security teams and reviewing the security fixes.
- Vetting various open source and closed source technologies, components, tools, libraries, etc.
- Excellent verbal and written communication skills
- A BS degree in computer science or equivalent
- At least 2 years of experience in Red Teaming
- Experience with vulnerability assessment, threat modeling, etc.
- Deep understanding of Application, Web and Network penetration testing techniques
- Proficiency in at least one programming or scripting language such as Python, Go, C, C++, PowerShell
- Solid understanding of web, networking, and protocols such as HTTP, TCP, DNS, TLS, IPSec, etc.
- Knowledge of Cloud and Cloud-native technologies like Docker and Kubernetes
- Experience using phishing and other social engineering tactics
- Ability to effectively communicate findings and mitigation strategies to stakeholders and to develop comprehensive and accurate reports and presentations for both technical and executive audiences
Nice to have:
- Industry Certifications such as OSCP, OSCE, GPEN, CREST
- Experience writing highly reliable backend services
- Experience running Bug Bounty
- Experience reviewing source code