It almost seems like eons ago when we were just some geeks having fun solving tech puzzles. We were discovering flaws in systems that we used every day. From this research, we soon realized it would be a bigger benefit for everybody if we started actually sharing our knowledge and help get more… “A decade of hacking – meet the people behind SRLabs”
Since 2018, SRLabs has refined Android patch analysis through the app SnoopSnitch . Recent SnoopSnitch data paints an improved picture of the Android ecosystem over what we saw in 2018 . All major vendors appear to apply patches more regularly, and some of the vendors implement security updates exceptionally fast. more… “The Android patch ecosystem – Still fragmented, but improving”
In the second half of 2019, Google and a group of mobile operators started implementing a new communication technology, Rich Communication Services (RCS) . RCS is poised to replace calling and text messaging for billions of people. It also introduces new messaging possibilities to make native text messaging be more more… “New RCS technology exposes most mobile users to hacking”
UPDATE December 17, 2019: Attacks still possible Six weeks after first publicly discussing the Smart Spies attacks, we performed some retests to see whether Google and Amazon implemented sufficient checks to mitigate the attacks. The below video, filmed on December 5th, shows that all malicious Skills/Actions we submitted were still more… “Smart Spies: Alexa and Google Home expose users to vishing and eavesdropping”
Detect mobile networks abuse on your Android phone.
Check protection capabilities of networks world-wide.
Find security flaws in SIM cards.
Collect threat information about reprogrammable USB peripherals.
Show issues in outdated access and payment cards.
Join our growing research team.
Security Research Labs is a Berlin-based hacking research collective and consulting think tank.
Work at the Lab —
• You work with our world-class team of ethical hackers on practical and deeply technical problems in security
• You design, build, and operate innovative tools to enhance the security of our clients
• You contribute design ideas to secure systems and will help the greater community building secure technologies
• You are confident scripting with python; building tools, automation, etc.
• You have experience with secure source code review; can read and break code in many languages such as Python, Java, C[++], PHP or Rust
• You have pen testing experience; professional, CTFs, bug bounty hunting, etc.
• You also enjoy the process of remediation & helping to fix security issues
- Advise and work directly with client top management
- Actively plan and execute end-to-end project scope with significant degree of autonomy, yet tapping into best-in-class, niche SRLabs expertise
- Foster hands-on, can-do attitude by playing a pivotal role in problem solving and stakeholder management
- Become a trusted mentor both to SRLabs team members and clients
- Deep expertise either in cyber security or strategic IT risk management would be a strong advantage
- Demonstrated leadership ability in a team environment
- Exceptional analytical and quantitative problem-solving skills
- Active and initiative taking, eager to break new ground and to create opportunities for others
- Able to work effectively with people at all levels in an organization and can communicate complex issues in an effective way
- Fluency in English is a must, other languages are very welcome
- Model and evaluate infrastructure risks in blockchain environments
- Work with security engineers and development teams in IT security projects
- Automate infrastructure assessments and review software architecture designs
- Participate in hacking exercises, and conduct developer trainings
- Understanding of blockchain infrastructure, security implications and consensus algorithms
- Mathematics background or experience in Cryptography
- Experience in security threat modelling
- Ability to analyze and debug complex systems
- Experience in security hardening infrastructure systems
- Ability to automate and build tools for security reviews
- Confidence with Rust/C/C++/Python a bonus
- Qualify outbound opportunities and develop a strong demo pipeline for Account Executives via phone and email
- Meet monthly qualified opportunity goals to ensure company revenue objectives are met
- Gain and maintain in-depth knowledge of SRLabs technology, industry trends, and competition
- Use your social selling skills to generate interest among key players within targeted industries
- Assist in finding product market fit and build scalable sales processes
- Newcomers welcome; a previous job involving soft skills daily (e.g. Hospitality) or business background (apprenticeship or studies)
- You have a clear goal of why you want to do Sales
- Eager to learn more about Demand Generation and the IT Security industry
- Focused on the team effort first by sharing your best practices with others to achieve team goals
- Ability to give and take feedback
- Excellent communication, interpersonal, and organizational skills
- Native German and fluent English is a must
• Run web-based demonstrations of the Autobahn SaaS platform to close new business.
• Accurately forecast and meet your sales quota.
• Provide customer and prospect feedback to the product team.
• Negotiate agreements and keep records of sales and data
• Experience in a quota carrying position
• Experience in closing bigger deals such as 50K ARR
• Self-starter and hardworking individual, with a track record of success and drive for achievement.
• Strong communication, analytic, and listening skills, with a positive approach.
• Ability to engage in complex conversations with C-Level contacts
• Native German and fluent English is mandatory
• Experience with B2B Saas selling is a plus
• Cybersecurity knowledge is a great bonus
- Conduct technical analysis including networking scanning, web & mobile penetration testing, forensic analysis, architecture review and code review
- Quickly understand client systems, identify problems areas, advise on solutions and drive implementation
- Coordinate with and advise client's technical teams; technical consulting
- Organize and conduct presentations, trainings and workshops
- Produce high quality deliverables, including reports and presentation slides
- Strong communication skills
- Strong understanding of IT security basics; both offensive and defensive
- Experience with Windows; Active Directory experience is a plus
- Technical project management experience is an asset
- Strong Microsoft Office skills (Powerpoint, Excel and Word)
- Experience giving technical presentations, trainings or workshops
- Enjoys being client facing and traveling for work (~25%)
- Experience in at least two of the following areas:
- security monitoring, blue teaming, SOC
- network scanning, vulnerability management
- forensic analysis, incident response
- web, mobile and device pen testing, red teaming
- architecture and code review
- cloud security and configuration management
- cryptography and key management
• Establish and execute action plans to improve cyber security in various frontages, across organizations
• Build, improve, and maintain innovative processes to assess and enhance the security of the clients
• Work side-by-side with business leaders and the team on the development of ethical hacks, tools, and approaches - providing insight into the innovative use of existing and emerging technologies that can accelerate the growth of the business
• Ensure consistent "checks" to guarantee high-quality performance of the tools, code and hacking methods
• Strong technical leader and mentor to the team of talented ethical hackers; continuous development of technical experts and the ability to build a knowledge-sharing and learning organization
• Maintain a strong awareness of technology trends, innovative uses of software and emerging best practice for relevant devices, systems, processes, and data and ensure that the company’s strategy is flexed as appropriate to reflect such developments
• Coordinate with the technical experts in Berlin, create and maintain good documentation, ensure effective internal communication and regular reporting
Your Key Skills:
• Strong English language skills
• Previous experience in a security/hacking team or several years of business experience in a challenging and responsible position
• Proficient in Python and familiar with Linux, networking, databases, GIT
• Strong troubleshooting and problem-solving skills
• Expert knowledge of IT-Security and IT-Risk management
• Strong organizational and communication skills
• Enjoys thinking in terms of the ‘Big Picture’
• Penetration testing experience or other security background is a plus
• Experience in an international organization, strong stamina, a high energy level and drive
• High flexibility, carrying capacity, efficiency and assertiveness
• Strong analytical skills with the ability to advise, prioritize, measure success combined with the ability to choose correctly from alternative solutions in new and varying circumstance
• Develop code that is secure-by-design
• Work closely with designer; implement designs
• Work together with data engineers to visualise data
• Deliver animated and interactive content
• Comfortable working with Vue or React frameworks
• Experience with Python and Flask
• Experience with webtools like Webpack, Nuxt.js
• Experience with prototyping tools like Figma or Sketch
• Interest in cybersecurity is appreciated!
• Plan and supervise our network infrastructure (LAN & WAN) including open-source security (Firewall, IPS, Proxy, VPN gateway)
• Guide team and clients in questions of infrastructure and data security
• Ensure the availability and efficient use of network devices and servers
• Proactively monitor infrastructure to identify, optimize and resolve potential performance and security problems
• Enable our team of researchers by providing smoothly running IT services
• You are proficient in handling open source software, VMWare and VoIP products
• You are familiar with managing heterogeneous infrastructures
• You have monitored health/performance and patched servers regularly in a corporate environment
• You bring a security/privacy mindset
• You enjoy a dynamic and flexible work environment