Offensive Security Analyst

Sprocket Security

Completely RemoteFull TimeInformation Technology
Posted Today

Job description

About the Company

Sprocket Security prioritizes offensive security for enterprises, empowering them to build robust defense strategies based on individual business risk through an expert-driven Continuous Penetration Testing platform.

Responsibilities

  • Triage, validate, and QA findings surfaced by automation to eliminate false positives
  • Author and refine findings to client-ready quality in the Sprocket voice
  • Calibrate severity based on real business impact
  • Handle the majority of findings independently and escalate complex cases to Adversarial Engineers
  • Feed pattern-level signal back to R&D to tune attack automations
  • Script away repetitive validation steps
  • Partner with R&D and Service Delivery teams on automation feedback loops

Requirements

  • Professional experience triaging or reproducing vulnerabilities from security tools (SAST/DAST/SCA/IAST)
  • Software programming experience, preferably Python
  • Exposure to utilizing Generative AI tools like Claude
  • Strong foundation in Development, IT, or Infosec
  • Hands-on ability to validate OWASP Top 10, network, and authentication issues
  • Clear, detail-oriented written communication skills
  • Ability to manage a high-volume queue independently

Preferred Qualifications

  • Security+, eJPT, CPTS, PNPT, or similar foundational credentials
  • CTF achievements (HackTheBox, TryHackMe, PortSwigger Academy)
  • Degree in Computer Science, Engineering, or IT
  • Interest in pursuing OSCP or equivalent certifications

Benefits

  • Unlimited and mandatory PTO
  • Company matched 401k
  • Health insurance contributions (75% for employees, 50% for dependents)
  • 100% company contribution for dental and vision
  • Flexible working hours
  • Choice of hardware and tools
  • Support for career development including paid training, conferences, and certifications

Skills & tools

PythonPenetration TestingCybersecurity

What the team is looking for

Use this list as a quick fit check before you apply.

  1. 01Vulnerability triage experience
  2. 02Python programming
  3. 03Generative AI exposure
  4. 04OWASP Top 10 knowledge
  5. 05Strong written communication
ScoutJobsAd

Wake up to a shortlist, not a search results page.

ScoutJobs scores every new listing against your CV, salary floor and visa. A handful of real matches by morning.

Get your daily matches