Security Research Labs
20.10.2019

Smart speakers from Amazon and Google offer simple access to information through voice commands. The capability of the speakers can be extended by third-party developers through small apps. These smart speaker voice apps are called Skills for Alexa and Actions on Google Home. The apps currently create privacy issues: They more… “Smart Spies: Alexa and Google Home expose users to vishing and eavesdropping”

Blockchain has a patch problem
17.05.2019

SRLabs research suggests that security vulnerabilities remain unpatched for many Ethereum blockchain participants for extended periods of time, putting the blockchain ecosystem at risk. Crypto currencies provide a popular alternative to centralized payment systems, and promise transactions between mutually anonymous parties, often called “trustless” transactions. More specifically, blockchain participants rely more… “The blockchain ecosystem has a patch problem”

Bites

Detect mobile networks abuse on your Android phone.

Check protection capabilities of networks world-wide.

Find security flaws in SIM cards.

Collect threat information about reprogrammable USB peripherals.

Show issues in outdated access and payment cards.

Join our growing research team.

Projects

Security Research Labs is a Berlin-based hacking research collective and consulting think tank.

We are seeking to drive security evolution, combining insights from research, industry, and the hacker community. We focus on everyday technologies that expose many people to risk, most recently mobile communication and payment systems. Our goal is to fix issues before consumers are put at risk; or publicly discuss flaws in systems where this did not happen. Our lab is an open collective of like-minded thinkers. If you are interested in our projects and the lab, get in touch or consider working with us.
Lab

Work at the Lab —

Responsibilities

- Investigate whether patches are applied in the Android ecosystem
- Create new patch tests heuristics
- Reverse engineer firmwares
- Automate tasks using python
- Improve our analysis toolchain

Key skills

- Fluent English
- Basic knowledge of reverse engineering binaries
- Experience using Ida or NSA Ghidra
- Confident with C, Python, Java; C++ and Assembly is a plus
- Interest in Android and hardware security
- Enjoy low level work
- Able to work independently
- Experience using git version control system

Your Application

We are looking forward to receiving your application — consisting of your CV and cover letter and including your preferred start date — at: recruiting@srlabs.de

Responsibilities

This role will lead the technical team in Hong Kong. As the main technology security lead, you will require an understanding of the business roadmap to articulate requirements for technology solutions that enable new capabilities and support client strategies, with security as a focus.

Your Responsibilities:
• Establish and execute action plans to improve cyber security in various frontages, across organizations
• Build, improve, and maintain innovative processes to assess and enhance the security of the clients
• Work side-by-side with business leaders and the team on the development of ethical hacks, tools, and approaches - providing insight into the innovative use of existing and emerging technologies that can accelerate the growth of the business
• Ensure consistent "checks" to guarantee high-quality performance of the tools, code and hacking methods
• Strong technical leader and mentor to the team of talented ethical hackers; continuous development of technical experts and the ability to build a knowledge-sharing and learning organization
• Maintain a strong awareness of technology trends, innovative uses of software and emerging best practice for relevant devices, systems, processes, and data and ensure that the company’s strategy is flexed as appropriate to reflect such developments
• Coordinate with the technical experts in Berlin, create and maintain good documentation, ensure effective internal communication and regular reporting

Key skills

The future Tech Lead comes with in-depth knowledge when it comes to IT Security and related topics, who is skilled in reducing complexity and experienced with driving a technical team towards success.

Your Key Skills:
• Strong English language skills
• Previous experience in a security/hacking team or several years of business experience in a challenging and responsible position
• Proficient in Python and familiar with Linux, networking, databases, GIT
• Strong troubleshooting and problem-solving skills
• Expert knowledge of IT-Security and IT-Risk management
• Strong organizational and communication skills
• Enjoys thinking in terms of the ‘Big Picture’
• Penetration testing experience or other security background is a plus
• Experience in an international organization, strong stamina, a high energy level and drive
• High flexibility, carrying capacity, efficiency and assertiveness
• Strong analytical skills with the ability to advise, prioritize, measure success combined with the ability to choose correctly from alternative solutions in new and varying circumstance

Your Application

We are looking forward to receiving your application — consisting of your CV and cover letter and including your preferred start date — at: recruiting@srlabs.de

Responsibilities

• Support sales organization with presentations and product demos
• Identify and develop potential new business opportunities together with sales organization
• Respond to functional and technical elements of RFIs/RFP
• Respond to customer questions on technical and business-related issues
• Convey customer requirements to Product Management, Marketing and Engineering teams
• Conduct product go-to-market strategy to develop business opportunities
• Partner with customers to understand their business needs and effectively communicate the company's value proposition through relationship, proposals and presentations.
• Train and maintain in close contact with business partners
• Seasoned speaker at conferences, exhibitions and other sales related events

Key skills

• 5-7 years of pre-sales experience in tech (ideally cybersecurity products)
• Deep understanding of the cybersecurity space
• Experience supporting partner channels or white labelling
• Ability to interact at the executive and technical level (internally and externally).
• Excellent organisation and time management skills, with the ability to prioritise
• Excellent interpersonal, communication, and presentation skills
• Excellent English is required, additional languages appreciated

Your Application

We are looking forward to receiving your application — consisting of your CV and cover letter and including your preferred start date — at: recruiting@srlabs.de

Responsibilities

• You are end-to-end responsible for the operation of the SRLabs consulting business
• You are leading HR processes, in particular hiring and professional development
• Our IT admin team report to you
• You are preparing financials and shape our business strategy

Key skills

• You have experience in high-impact and top-management consulting, but seek a less client-facing responsibility for your next journey
• You can integrate a diverse team of technology experts
• You enjoy and understand how to grow a company financially and staffing-wise
• You are curious about security research
• You communicate fluently in English
• You enjoy a dynamic and flexible work environment which you want to shape further

Your Application

We are looking forward to receiving your application consisting of your CV, cover letter and your preferred start date at: recruiting@srlabs.de

Responsibilities

• Build, improve and maintain innovative tools to assess and enhance the security of our clients
• Develop code that is secure by design
• Ensure the continued high-quality performance from our tools
• Understand and work with the infrastructure of our cloud services
• Create and maintain thorough documentation
• Communicate with the office in Berlin; understand the ‘big picture’

Key skills

• English language proficiency
• A security/privacy mindset and are curious about security research
• Software development experience on a large project in a team
• Proficiency in Python or Java programming languages
• Familiarity with Linux, networking, databases, GIT
• Strong troubleshooting and problem-solving skills; can work independently
• Bonus points: Penetration testing experience

Your Application

We are looking forward to receiving your application — consisting of your CV and cover letter and including your preferred start date — at: recruiting@srlabs.id

Responsibilities

• You contribute hacking knowledge to SRLabs research projects
• You work with our young and motivated expert team on practical hacking problems
• You conduct cutting-edge research on popular systems that have evaded scrutiny for years
• You design, build, and sometimes operate innovative tools to enhance the security of our clients
• You contribute design ideas to secure systems and will help the greater community building secure technologies

Key skills

• You have a deep technical knowledge of mobile and web security, and authentication schemes
• You ideally have experience already with cryptology or cryptanalysis
• You can read and break code in languages such as Python, Java, C[++] and PHP
• You have taken over machines and attacked networks, e.g in CTF contests
• You can configure systems to be more attack-resistant
• You enjoy working in a dynamic and motivated team

Your Application

We are looking forward to receiving your application — consisting of your CV and cover letter and including your preferred start date — at: recruiting [you know what to put here] srlabs.de.

Responsibilities

• Support security strategy projects at Fortune500 clients
• Work in international client teams and with the SRLabs research team in Berlin
• Coordinate the compilation of main project deliverables and presentations
• Create leading security expertise to at least one technology

Key skills

• You have a strong technical affinity
• You enjoy solving analytical problems and structuring complex information
• You bring a security/privacy mindset, interest on security research results
• You like helping clients solve challenging problems, and perhaps already have some management consulting experience
• You enjoy a dynamic and flexible work environment

Your Application

We are looking forward to receiving your application — consisting of your CV and cover letter and including your preferred start date — at: recruiting [you know what to put here] srlabs.de.

Responsibilities

• Lead security strategy projects at Fortune500 clients
• Work in international client teams and with the SRLabs research team in Berlin
• Coordinate the compilation of main project deliverables and presentations
• Build up leading security expertise, lecture at conferences

Key skills

• You enjoy and are good at analytical problem solving and strategic decision making
• Your technical affinity is strong
• You bring integrative skills and expertise as a project manager
• You have a security/privacy mindset, interest in security research results
• You have strong experience in high-impact and top-management consulting
• You communicate fluently in English and one other major language
• You enjoy a dynamic and flexible work environment to which you want to contribute leadership

Your Application

We are looking forward to receiving your application — consisting of your CV and cover letter and including your preferred start date — at: recruiting [you know what to put here] srlabs.de.
Careers