Security Research Labs
20.10.2019

UPDATE December 17, 2019: Attacks still possible Six weeks after first publicly discussing the Smart Spies attacks, we performed some retests to see whether Google and Amazon implemented sufficient checks to mitigate the attacks. The below video, filmed on December 5th, shows that all malicious Skills/Actions we submitted were still more… “Smart Spies: Alexa and Google Home expose users to vishing and eavesdropping”

Bites

Detect mobile networks abuse on your Android phone.

Check protection capabilities of networks world-wide.

Find security flaws in SIM cards.

Collect threat information about reprogrammable USB peripherals.

Show issues in outdated access and payment cards.

Join our growing research team.

Projects

Security Research Labs is a Berlin-based hacking research collective and consulting think tank.

We are seeking to drive security evolution, combining insights from research, industry, and the hacker community. We focus on everyday technologies that expose many people to risk, most recently mobile communication and payment systems. Our goal is to fix issues before consumers are put at risk; or publicly discuss flaws in systems where this did not happen. Our lab is an open collective of like-minded thinkers. If you are interested in our projects and the lab, get in touch or consider working with us.
Lab

Work at the Lab —

Responsibilities

- Create detailed, comprehensive and well-structured test plans and test cases
- Develop and implement testing processes for new and existing products to meet client needs
- Execute an end-to-end testing activities: estimate, prioritize, plan and coordinate testing activities
- Identify, record, document thoroughly and track bugs
- Coordinate with internal teams (e.g. developers and product managers) to identify system requirements
- Stay up-to-date with new testing tools and test strategies

Key skills

- Solid understanding of Python, Mysql, Shell script, Docker, and Vue.Js
- Software development and software quality assurance experience
- Strong knowledge of software QA methodologies, tools, and processes
- Experience in writing a clear, efficient, and comprehensive test plans and test cases
- Hands-on experience with both white box and black box testing
- Familiarity with an Agile/Scrum development processes
- Experience with performance and/or security testing is a plus
- English language proficiency

Your Application

We are looking forward to receiving your application — consisting of your CV and cover letter to: recruitment@srlabs.id

Responsibilities

* Lead the execution of the go-to-market strategy for our early stage security SaaS product
* Define, represent and communicate product from a business point of view; Document high level requirements
* Work with senior leadership to align on product requirements and business strategy
* Continuously iterate on the product to reach product-market fit; manage the optimization of the backend database and front-end user experience
* Measure and monitor product readiness and scalability
* Translate product vision to roadmaps and backlogs in a cross-functional environment
* Coordinate with an international team across our Berlin, HK and Jakarta offices

Key skills

* Fluent English with strong communication and stakeholder management skills
* Technology background; cybersecurity knowledge is an asset
* Previous experience managing a technical product
* Demonstrates customer focused and need-driven approach with an empathy for users
* Experience using roadmap tool like trello, github or gitlab
* Strong understanding of agile principles; experience implementing and running them

Your Application

We are looking forward to receiving your application — consisting of your CV and cover letter — at: recruiting@srlabs.de

Responsibilities

* Drive security strategy projects to optimize the security posture of our global Fortune500 clients
* Manage security evaluations and conduct root cause analysis
* Derive future action strategy, build the security road map and steer the technical teams
* Advise our clients on investment decisions with relation to IT security
* Monitor and assess the efficiency and effectiveness of security solutions and defense strategies
* Orchestrate the actions of, align them with and convince key stakeholders
* Understanding roadblocks and negotiating solutions
* Organizing and conducting presentations and workshops
* Produce high quality deliverables, including reports and presentation slides aimed at C-level executives

Key skills

* Fluent English; multlingual is a plus
* Strong communication skills; people-person character
* Solid professional experience in high-impact top managment strategy consulting
* Clear professional focus on technical/IT challenges
* Strong understanding of IT security and/or IT strategy
* Strong understanding of how different IT concepts fit together and interact (security products, network configuration, architecture, etc)
* Real-world experience in an enterprise environment lending to an understanding of typical technological pitfalls
* Enjoys being client facing and traveling for work (~40-60%)

Your Application

We are looking forward to receiving your application — consisting of your CV and cover letter and including your preferred start date — at: recruiting@srlabs.de

Responsibilities

- Be the trusted advisor on all matters security, to international Fortune500 clients
- Conduct technical analysis including networking scanning, web & mobile penetration testing, forensic analysis, architecture review and code review
- Quickly understand client systems, identify problems areas, advise on solutions and drive implementation
- Coordinate with and advise client's technical teams; technical consulting
- Organize and conduct presentations, trainings and workshops
- Produce high quality deliverables, including reports and presentation slides

Key skills

- Fluent English; multilingual is a plus
- Strong communication skills
- Strong understanding of IT security basics; both offensive and defensive
- Experience with Windows; Active Directory experience is a plus
- Technical project management experience is an asset
- Strong Microsoft Office skills (Powerpoint, Excel and Word)
- Experience giving technical presentations, trainings or workshops
- Enjoys being client facing and traveling for work (~25%)
- Experience in at least two of the following areas:
- security monitoring, blue teaming, SOC
- network scanning, vulnerability management
- forensic analysis, incident response
- web, mobile and device pen testing, red teaming
- architecture and code review
- cloud security and configuration management
- cryptography and key management

Your Application

We are looking forward to receiving your application consisting of your CV and cover letter — at: recruiting@srlabs.de

Responsibilities

- Participate in hands-on software development
- Make critical decisions about the software architecture
- Support development with important technical decisions (database engines, libraries, etc.)
- Conduct code review with a focus on maintainability, functionality and security
- Coordinate with and support the DevOps team
- Create and enforce coding guidelines
- Maintaining project documentation

Key skills

- Strong proficiency in English and good communication skills
- Confidence using Python; Java, .net or C# experience is a plus
- Solid enterprise software development and architecture design experience
- Big picture thinking
- Quick learning and comfortable working with complex systems
- Strong understanding of security basics

Your Application

We are looking forward to receiving your application — consisting of your CV and cover letter and including your preferred start date — at: recruitment@srlabs.de

Responsibilities

This role will lead the technical team in Hong Kong. As the main technology security lead, you will require an understanding of the business roadmap to articulate requirements for technology solutions that enable new capabilities and support client strategies, with security as a focus.

Your Responsibilities:
• Establish and execute action plans to improve cyber security in various frontages, across organizations
• Build, improve, and maintain innovative processes to assess and enhance the security of the clients
• Work side-by-side with business leaders and the team on the development of ethical hacks, tools, and approaches - providing insight into the innovative use of existing and emerging technologies that can accelerate the growth of the business
• Ensure consistent "checks" to guarantee high-quality performance of the tools, code and hacking methods
• Strong technical leader and mentor to the team of talented ethical hackers; continuous development of technical experts and the ability to build a knowledge-sharing and learning organization
• Maintain a strong awareness of technology trends, innovative uses of software and emerging best practice for relevant devices, systems, processes, and data and ensure that the company’s strategy is flexed as appropriate to reflect such developments
• Coordinate with the technical experts in Berlin, create and maintain good documentation, ensure effective internal communication and regular reporting

Key skills

The future Tech Lead comes with in-depth knowledge when it comes to IT Security and related topics, who is skilled in reducing complexity and experienced with driving a technical team towards success.

Your Key Skills:
• Strong English language skills
• Previous experience in a security/hacking team or several years of business experience in a challenging and responsible position
• Proficient in Python and familiar with Linux, networking, databases, GIT
• Strong troubleshooting and problem-solving skills
• Expert knowledge of IT-Security and IT-Risk management
• Strong organizational and communication skills
• Enjoys thinking in terms of the ‘Big Picture’
• Penetration testing experience or other security background is a plus
• Experience in an international organization, strong stamina, a high energy level and drive
• High flexibility, carrying capacity, efficiency and assertiveness
• Strong analytical skills with the ability to advise, prioritize, measure success combined with the ability to choose correctly from alternative solutions in new and varying circumstance

Your Application

We are looking forward to receiving your application — consisting of your CV and cover letter and including your preferred start date — at: recruiting@srlabs.de

Responsibilities

• You are end-to-end responsible for the SRLabs consulting business
• You lead HR processes, in particular professional development
• Our consulting team leads report to you
• You lead and guide the teams on client engagement and oversee the quality of our consulting delivery
• You shape our business strategy

Key skills

• You have experience in high-impact and top-management consulting, but seek a less client-facing and less travel-heavy responsibility for your next journey
• You can integrate a diverse team of technology experts
• You enjoy and understand how to grow a company financially and staffing-wise
• You are curious about information security
• You communicate fluently in English
• You enjoy a dynamic and flexible work environment which you want to shape further

Your Application

We are looking forward to receiving your application consisting of your CV, cover letter and your preferred start date at: recruiting@srlabs.de

Responsibilities

• Build and maintain our websites, and the front-end of our security tools and product
• Develop code that is secure-by-design
• Work closely with designer; implement designs
• Work together with data engineers to visualise data
• Deliver animated and interactive content

Key skills

• Excellent programming knowledge with focus on responsive web applications
• Advanced knowledge of HTML, CSS and JavaScript (ES6)
• Comfortable working with Vue or React frameworks
• Experience with Python and Flask
• Experience with webtools like Webpack, Nuxt.js
• Experience with prototyping tools like Figma or Sketch
• Interest in cybersecurity is appreciated!

Your Application

We are looking forward to receiving your application — consisting of your CV and cover letter and including your preferred start date — at: recruiting@srlabs.de

Responsibilities

• Build, improve and maintain innovative tools to assess and enhance the security of our clients
• Develop code that is secure by design
• Ensure the continued high-quality performance from our tools
• Understand and work with the infrastructure of our cloud services
• Create and maintain thorough documentation
• Communicate with the office in Berlin; understand the ‘big picture’

Key skills

• English language proficiency
• A security/privacy mindset and are curious about security research
• Software development experience on a large project in a team
• Proficiency in Python or Java programming languages
• Familiarity with Linux, networking, databases, GIT
• Strong troubleshooting and problem-solving skills; can work independently
• Bonus points: Penetration testing experience

Your Application

We are looking forward to receiving your application — consisting of your CV and cover letter and including your preferred start date — at: recruitment@srlabs.id
Careers