
Security Research Labs · Berlin
ABOUT US: SRLabs is home to knowledge leaders securing critical infrastructures in finance, energy, and telecommunications. We focus on hands-on hacking resili...
SRLabs is home to knowledge leaders securing critical infrastructures in finance, energy, and telecommunications. We focus on
hands-on hacking resilience – not compliance –, which we shape by combining our hacking research with impactful consulting work
for innovation leaders that have a natural thrive for cutting-edge technologies.
We are looking for Security Consultant to join our team in Berlin to drive security evolution through ethical hacking, research
and consulting.
We welcome candidates from strong technical backgrounds, including software engineering, cloud/platform engineering, systems
architecture, and infrastructure operations – who are looking to transition into cybersecurity consulting.
In this role, you will be primarily responsible for providing security consulting services to a wide variety of clients. You work
closely with hackers, researchers, and consultants to identify security issues and provide recommendations in complex, large-scale
and one-of-a-kind-environments.
architecture & code review, etc.
organization
technologies)Exceptional analytical and quantitative problem-solving skills
access management, vulnerability management, penetration testing, red teaming, embedded systems security)
We are looking forward to receiving your application.
ABOUT US: SRLabs is home to knowledge leaders securing critical infrastructures in finance, energy, and telecommunications. We focus on hands-on hacking resilience – not compliance –, which we shape by combining our hacking research with impactful consulting work for innovation leaders that have a natural thrive for cutting-edge technologies. What makes us unique? We come from diverse backgrounds from all over the world, and that's just the way we like it. From coding, reverse engineering, penetration testing, exploit scripting, process design, research and consulting skills, our mix of colleagues possesses a vast set of qualifications, that equips us to influence design decisions of large-scale organisations. YOUR RESPONSIBILITIES Job brief: As a Red teamer at SRLabs, you work in a small and specialised team simulating infiltrations of corporate environments with high levels of protection for our clients. From obtaining initial access via external vulnerabilities or phishing, over lateral movement and to a domain takeover, you take part in the full chain of emulating adversarial cyber attacks. To remain undetected and complete your mission, you are able to avoid noise and bypass detection solutions and other protection measures. You analyze protection and monitoring gaps for their technical and operational root causes, and provide actionable steps for closing these gaps, bearing in mind the customer specific constraints our clients are facing. Your strategic advice supports the management in defining the security roadmap and employing security budget most effectively. Your Responsibilities: * Participate in red team engagements at SRLabs' clients * Perform external penetration testing and run phishing campaigns * Bypass protection measures and move undetected inside corporate networks * Develop tools, scripts and exploits for red team engagements * Create presentations to communicate risk and provide strategic advice on process optimizations * Support the client in addressing findings, in both, written and verbal communication * Develop methodologies to extrapolate from Red Team insights to generic security assurance checks * (Optional) Lead red team exercises and take responsibility for what comes with it (scoping, task management, escalations, ...) WHAT DO YOU BRING? What do you bring: * Strong foundational knowledge of information technology, including (Operating systems, Networking and Web technologies) * Hands-on experience in offensive security and red teaming * Solid experience with Active Directory and Entra ID security * Experience in client-facing roles or security consulting, including (presenting technical findings to diverse audience and provide strategic advice to clients) * Infrastructure and web penetration testing * Proficiency in programming languages such as: * Python, C/C++, Go, Java * Excellent communication skills in English (written and verbal) Nice to have Relevant expertise from areas like * Malware delivery and development * Incident response * Vulnerability research and exploit development * Reconnaissance, OSINT and social engineering * Operational security and bypassing of security measures (AV/EDR, endpoint and infrastructure hardening, SIEM generated alerts, Honeypots, ...) * Detection engineering and SOC operation * Experience in management consulting and communication WHAT AWAITS YOU WITH US? What awaits you with us: * Diverse team of highly motivated and competent security experts * Culture of constant learning and improvement * Flexible home office. * You can work from anywhere in Germany * Yearly company retreat * Urban Sports Club membership * Deutschlandticket (public transportation) * 30 days paid vacation APPLY NOW We are looking forward to receiving your application.
ABOUT US: SRLabs is home to knowledge leaders in the areas of telco security, IoT hardware hacking, Blockchain, AI security, and software security more broadly. We focus on knowledge sharing and continuous learning – achieved through our research combined with the selection of interesting client projects, ranging from enterprise software to Web3 and AI-powered systems, that position us at the forefront of cutting-edge technologies. Our research regularly reaches a global audience through conference talks and publications, and widely used open-source tools. YOUR RESPONSIBILITIES Join our team as a Security Engineer to help clients ship software that stands up to attackers. We're hiring at the junior to mid-level, so whether you're early in your security career or have a couple of years of hands-on experience, we are looking for an ethical hacker at heart who thinks like an attacker. You’ll build and improve the tooling behind our software assurance work, run attacker-mindset audits across enterprise, Web3, and AI-powered systems, and work directly with client teams to strengthen their SDLC. If you have a passion for security tooling, code assurance, AI security, and hands-on consulting, we want to hear from you! * Tooling: Build and maintain tooling that powers our security reviews, including our in-house fuzzing framework and static/dynamic analysis pipelines. * Code audits: Conduct attacker-mindset code audits across enterprise and Web3 systems, including blockchain runtimes and smart contracts, using and extending our fuzzing framework. * AI & agentic security: Assess AI/LLM-powered applications and agentic systems for exploitable weaknesses (e.g. prompt injection, insecure tool use, data leakage) and explore how AI can be used to augment our own audits and tooling. * Reporting: Produce high-quality technical reports and presentations. * Client advisory: Advise clients on SDLC improvements, verify remediations, and help track risk-reduction KPIs * Remediation: Work closely with client developers of the client project team to report and remediate the discovered issues * Community & training: Participate in hacking exercises, contribute to our Security Ambassador program, and conduct developer trainings WHAT DO YOU BRING? * Security fundamentals: Understanding of software security fundamentals, secure architecture, and threat modeling across enterprise and Web3/blockchain systems. * AI/LLM security: Curiosity about AI/LLM security risks (prompt injection, model or data exfiltration, agentic tool misuse) or hands-on experience probing AI systems. * Vulnerability research: Track record of finding and exploiting real-world vulnerabilities (CTFs, bug bounties, pentests, or independent research): this role is for hands-on ethical hackers, security engineers. * Tooling & automation: Strong ability to automate and build tools for security review (static/dynamic analysis, fuzzing, CI integrations. * Communication: Excellent communication skills in English and German is a plus. * Languages: Familiarity with RUST, C/C++, GO and solidity are a plus. * Consulting mindset: Comfortable advising clients directly, explaining risk clearly, and guiding remediation. * Hacker mindset: A passion to grow in security. WHAT AWAITS YOU WITH US? * Unique opportunity to join the world of cybersecurity in Berlin * Diverse team of motivated Security Experts with people from many countries * A wide range of benefits: discounts on gym membership, public transport (BVG pass), German lessons * Annual company retreat * Further education, training, and certificate opportunities * Opportunity to contribute to research * Flexible home office * 30 days of paid vacation APPLY NOW Tell us what you have built or broken. Send your CV along with anything that shows your work: GitHub, CTF profiles, write-ups, bug-bounty history, or research you are proud of. We are looking forward to receiving your application! SRLabs is an equal-opportunity employer. We welcome applicants of all backgrounds.
ABOUT US: SRLabs is home to knowledge leaders securing critical infrastructures in finance, energy, and telecommunications. We focus on hands-on hacking resilience – not compliance –, which we shape by combining our hacking research with impactful consulting work for innovation leaders that have a natural thrive for cutting-edge technologies. We come from diverse backgrounds from all over the world, and that's just the way we like it. From coding, reverse engineering, penetration testing, exploit scripting, process design, research and consulting skills, our mix of colleagues possesses a vast set of qualifications, that equips us to influence design decisions of large-scale organisations. YOUR RESPONSIBILITIES Job brief: In this role, you lead a team of security consultants delivering consulting and assessment services such as offensive assessments, resilience improvements, or AI security engagements for some of the world's most complex organisations. You are equally comfortable in front of a client board and in the weeds of a red team debrief. Your responsibilities: * Lead and oversee security engagements including red teaming, TIBER/DORA resilience assessments, penetration testing, and AI-focused security reviews and others * Act as the primary point of contact for senior client stakeholders – translating technical findings into business risk and actionable recommendations * Manage project delivery across scope, timeline, quality, and team utilisation * Mentor and develop junior and mid-level consultants, providing hands-on guidance on complex engagements * Drive business development by contributing to proposals, scoping, and client relationships * Shape our AI security offering – including LLM red teaming, model security assessments, and AI risk frameworks * Contribute to research and thought leadership that keeps SRLabs at the cutting edge WHAT DO YOU BRING? * Proven hands-on background in security with the credibility to lead technical teams * Experience leading or managing security consulting engagements, including client-facing delivery at senior levels * Solid understanding of enterprise and resilience frameworks * Familiarity with AI/ML security concepts * Ability to communicate complex security issues clearly to both technical and non-technical audiences * Strong communication skills in English and German is nice to have * Experience writing proposals, scoping engagements, and managing expectations WHAT AWAITS YOU WITH US? * A senior role with real influence over how we build and grow our offensive security practice * Diverse team of motivated security experts from many countries and backgrounds * Opportunity to shape cutting-edge AI security work before it becomes mainstream * Annual company retreat – a week of working holiday packed with fun, team building, and knowledge sharing * Professional development: conference speaking, research publication, and training budget * Competitive salary and flexible home office * 30 days vacation period * A wide range of benefits (discounts on Urban sports gym and Public transport ticket) APPLY NOW We are looking forward to getting to know you! SRLabs is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for our team.