Job Information
SRLabs Red Team Consultant (m/f/d) in Berlin, Germany
As a Red teamer (Senior/Mid-Level) at SRLabs, you work in a small and specialized team simulating infiltrations of corporate environments with high levels of protection for our clients. From obtaining initial access via external vulnerabilities or phishing, over lateral movement and to a domain takeover, you take part in the full chain of emulating adversarial cyber attacks.
To remain undetected and complete your mission, you are able to avoid noise and bypass detection solutions and other protection measures. You analyze protection and monitoring gaps for their technical and operational root causes, and provide actionable steps for closing these gaps, bearing in mind the customer specific constraints our clients are facing. Your strategic advice supports the management in defining the security roadmap and employing security budget most effectively.
Responsibilities
Participate in red team engagements at SRLabs' clients
Perform external penetration testing and run phishing campaigns
Bypass protection measures and move undetected inside corporate networks
Develop tools, scripts and exploits for red team engagements
Create presentations to communicate risk and provide strategic advice on process optimizations
Support the client in addressing findings, in both, written and verbal communication
Develop methodologies to extrapolate from Red Team insights to generic security assurance checks
(Optional) Lead red team exercises and take responsibility for what comes with it (scoping, task management, escalations, ...)
Requirements
Strong baseline knowledge of information technology, covering topics like
Operating systems
Networking and web technologies
Programming languages (e.g. Python, C(++), Rust, Go, Java)
Curiosity and a high awareness for quality
Excellent communication skills in English
Experience in the field of offensive security
Nice to have
Relevant expertise from areas like
Penetration testing (Infrastructure, web, ...)
Active directory and Entra ID security
Malware delivery and development
Incident response
Vulnerability research and exploit development
Reconnaissance, OSINT and social engineering
Operational security and bypassing of security measures (AV/EDR, endpoint and infrastructure hardening, SIEM generated alerts, Honeypots, ...)
Detection engineering and SOC operation
Experience in management consulting and communication
Perks and Benefits
Diverse team of highly motivated and competent security experts
Culture of constant learning and improvement
Flexible home office
Yearly company retreat
Urban Sports Club membership
Deutschlandticket (public transportation)
Apply now
We are looking forward to receiving your application.