Join the team!
Looking for a new chellenge within a team of specialized Cybersecurity experts? Or interessted in joining to manage the business around a team of Hackers? We might have something in store for you....
Business Administrator
Half-time, Germany
Fluent German required
​
As a Business Administrator you complete organizational and management tasks that support the productivity and growth of our international organization and its Cybersecurity offerings:
-
Project Management to streamline and improve business operations such as training bootcamps and red teaming events
-
Handle business finances and plan the budget with the help of the leadership team and team members
-
Oversee marketing and promotions for a company’s services, with our internal and external stakeholders
-
Negotiate vendor contracts to identify cost-saving opportunities
A successful Business Administrator at Exploit Labs is an analytical thinker with a solid understanding of accounting principles. This role requires someone who enjoys working as an internal interface to our external accountant team and tax lawyer, ensuring the smooth management of financial tasks. Excellent attention to detail and communication skills are essential, along with the ability to collaborate with multiple teams and manage financial workflows. Experience in tech or cybersecurity is a plus.
​
Join the Heart of Our Operations at Exploit Labs!
Are you a dynamic and independent person ready to drive growth in a cutting-edge cybersecurity company? As part of our team, you will have the opportunity to shape our company’s future, streamline our processes, and lead us to new heights. If you have a knack for managing complex projects and a passion for the tech industry, we want to hear from you!
Apply now to be part of a team that values innovation, efficiency, and growth.
Let's create something extraordinary together at Exploit Labs!
​
Penetration Testing, Red Teaming & Training
At ExploitLabs, we recognize Vulnerability Analysis, Penetration Testing, and Red Teaming as distinct disciplines within Cybersecurity. While both are highly technical, they require different skill sets and approaches. We don't consider one more prestigious or challenging than the other; instead, we respect the unique value each brings to securing our clients' environments.
To maintain a high standard of expertise, we are moving to foster a separation of duties, while ensuring that every team member has a solid foundation to contribute meaningfully to each discipline. At the same time, we cultivate subject matter experts who provide the team with cutting-edge insights, helping us stay innovative and ahead of emerging threats.
​
Why do we do it this way?
-
Collaboration: Flexibility is key to how we work. We regularly mix and match team members to ensure everyone has the chance to contribute and learn. You might find yourself working alongside someone with specialized expertise, taking on a support or learning role—or leading the way yourself.
-
Creativity: Two minds are better than one. Combining different perspectives often sparks innovative, out-of-the-box ideas that drive better results for both the project and the client.
-
Knowledge Transfer: The technical overlap between Penetration Testing and Red Teaming allows us to continuously share insights and expertise, fostering ongoing learning and professional growth.
-
Technical Excellence: We prioritize specialized knowledge to maintain a high standard of expertise. Without this focus, we risk becoming generalists—Jack of all trades, master of none.
​
A Little Extra
At Exploit Labs, we're proud to be an official Learning and Channel Partner of OffSec. As part of our team, every member is encouraged to become an instructor in their area of specialization—whether in web app penetration testing, network penetration testing, or advanced exploitation techniques. Through our comprehensive "train-the-trainer" programs, you'll develop the teaching skills to share your expertise and actively contribute to our cutting-edge training initiatives.
​
For Penetration Testers, teaching specialized SOC courses offers a unique opportunity to enhance your skills. By learning how security operations centers detect and respond to attacks, you'll gain deeper insights that sharpen your evasion tactics—giving you a significant advantage in the field.
​
Join a team that values continuous learning, expertise, and knowledge sharing to stay ahead in the cybersecurity landscape.
Vulnerability Assessment & Penetration Testing
Remote: Germany or United Arab Emirates
Fluent German required
​
Intern Penetration Tester:
Your background:
-
Study in a relevant field
-
Curiousity in the field
-
Technical affinity between Linux, Windows, networking and other IT aspects
​
Your journey
-
As an intern you will get exposure to a multitude of relevant support work across the topics of red teaming, penetration testing and training:
-
Trying out new tools for the team and report back
-
Adjust existing tooling and fix bugs, implement new features
-
Create new TTPs across our custom toolchain
-
Prepare technical exercises for our trainings
-
Support in administrative tasks around marketing, setting up projects, ensuring hardware / software is in place and understand was is all part of an offensive security project beyond the technical testing part
-
​​
Junior Penetration Tester:
No open slots at this time.
​
​
Regular Penetration Tester:
You bring
-
Solid experience as a pentester with certifications like OSCP
-
Ability to manage projects autonomously or with team members, following our guidelines
-
Ability to execute Penetration Tests across multiple domains (i.e. Web, Mobile, Infrastrcuture...)
-
Ability and willingness to support colleagues in client acquisition by providing insights into our methodologies and how they benefit clients
-
Assisting Seniors and Principals in delivering comprehensive projects
-
Delivering training from OffSec and OWASP portfolios and our custom trainings
​
You get:
-
A 3-year development plan that guides you from your current level to Senior, covering both technical skills and social/management skills
-
In-depth knowledge of platforms like Kali Linux and Commando VM
​​
​
Senior Penetration Tester:
-
Ability to independently manage projects from initial request to final report.
-
Ensuring knowledge sharing within the team, either through active participation or mentoring other team members
-
Actively involved in acquiring new core clients through webinars, 1:1 sessions, and developing new landing pages and social media formats
-
You have experience in teaching others, be it from an academic or professional background
-
You do have a genuine interesst to teach others and see them succed in applying such new knowledge
​
​​
Penetration Testing Partner:
-
As a seasoned veteran, you’ve seen and done it all. You’ll lead your own team and be responsible for its success. You’ll collaborate with other partners to acquire (follow-up) projects and explore new markets and clients
-
Together, we’ll develop strategies to improve performance based on your and your team’s KPIs, advancing each team member individually
-
You’ll work technically with your team to develop solutions for complete projects, ensuring success even in hardened environments or implementing new approaches like covert access
-
You will unlock compensation packages for you and your team based on the team's performance.
​
Red Team Operator
Remote: Germany or United Arab Emirates
Fluent German required
​
​
Senior Red Team Operator:
​​
You bring:
-
You are at home with Cobalt Strike or comparable attack tool chains. Setting up and maintaining agile and resilient infrastructure is your daily business
-
You do have exerpience to customize beacons per engagement and can furnish these by applying insights gained from our cyber ranges and project-specific labs i.e. circumventing certain EDRs or hardned environments
-
You think in graphs. A Red Team report is not a list of vulnerabilities. You can make a connection between a technical attack narrative, defense capabilities and business impact
​​
You get:
-
An individual development plan to further sharpen your faviourite area of expertise.
-
A team based development plan to make sure you have all the skill neded to perform across the board of red teaming
-
Dedicated research time to further your and your team's skills to stay up to date outside of a given project scope and making sure you have time to follow the latest Twitter EDR drama
​
​
Red Team Partner:
​​​
-
10+ years of progressive offensive engineering experience with expertise in multiple offensive security domains, including Penetration Testing, Reverse Engineering, Application Security, Secure SDLC, and social engineering
-
Capabilities and experience in leading Red Teaming projects and teams that span multiple months including stakeholder management
-
Strategic thinking towards continuously improving our offerings, ranging from cyber-physical assesments to nativ-cloud engagements
-
You have multiple years of experience applying common Red Teaming frameworks such as TIBER, CBEST, AASE or comparable others
-
Your lead your very own team of highly motivated Red Team Operators.
-
Your team will engagege in exhilarating projects staked against some of the best Blue Teams across Europe, as well as the MENA and GCC areas
-
Participation in work groups such as the FIRST Red Team Special Interest Group
-
You will unlock compensation packages for you and your team based on the team's performance.
Why Exploit Labs?
A small list of perks and particularities
Responability and Impact
At Exploit Labs, every team member carries significant responsibility, with their work directly shaping how we approach Penetration Testing and Red Teaming. You're not just a small part of the process; you're actively driving change and making a real impact in our cutting-edge security engagements. We encourage application of the Extreme Ownership framework.
OffSec Certification & Learning Opportunities
As an official OffSec Learning and Channel partner, all team members receive "train-the-trainer" education in their area of expertise. Become an instructor in specialized streams like SOC, Web/Network Pen Testing, or Exploitation, gaining teaching experience while deepening your own skills. Teaching roles in SOC courses provide insights into how attacks are detected, giving you a unique edge in refining your evasion techniques.
Education and training budgets
For eligible candidates we provide support for pursuing your Bachelor, Master, or PhD while working with us, covering tuition, travel, and accommodation costs if on-site attendance is required. Your study schedule is important to us, and we will plan time off from projects to ensure you can focus on your academic goals. As an official OffSec partner, you'll receive an enterprise "All Access" pass to OffSec courses, and we also explore additional training options tailored to both individual and team needs.
Socializing
Since COVID, much of the required travel has been reduced, which is a positive change. However, this presents the challenge of maintaining a strong team connection. To address this, after years of running the local OWASP chapter, we launched The Red Team Garage in Frankfurt, a community event focused on Red Teaming, where our team hosts open sessions. Additionally, we encourage team members to meet at the office for collaborative work, even when on-site presence isn't necessary. Teaching alongside a colleague in OffSec Bootcamps is also a fantastic way to bond and learn from each other.
Personal Advancement
We understand that your entire career journey won’t be with us, and we actively support your future goals. We have open conversations about your aspirations and help guide your progress toward them. Many of our former team members have gone on to become SANS instructors, transitioned into new fields, or taken different career paths. We encourage the team to present at various conferences and will take care of the expenses and allocate time for sufficient preparation.
Personal Sustainability
At Exploit Labs, we’ve prioritized a sustainable work pace from the very beginning, even though we recognize that some periods can be more demanding. While we track utilization, it’s not something for you to worry about. Your primary focus is delivering exceptional work, while our sales team manages project assignments. We regularly check in to ensure you're taking time off, monitor stress levels, and continuously improve operations to support a healthy work-life balance.
Internal work VS project work
Balancing ongoing projects like penetration testing or red team engagements with internal tasks such as updating methodologies, maintaining infrastructure, or keeping up with industry trends can be challenging. We understand this and have dedicated specific times for internal improvements that are as crucial as client work. This ensures that your projects stay on track while our team continuously evolves, giving you peace of mind as we enhance our overall expertise and service quality.
Company-wide insights
At Exploit Labs, we operate like a close-knit family, giving you valuable insights into our strategic and tactical planning. From new partnerships to financial planning and controlling, you'll have a clear understanding of where we generate revenue, where we invest, and how we shape our future. You’ll be treated as a key stakeholder, with a vested interest in the company’s success.
