IT landscapes are becoming increasingly complex. Firewalls, WAFs and endpoint protection systems are now used in almost every company. But let’s be honest: are these solutions really as secure as the manufacturers promise?
The more exciting question is whether you can still get in. That’s exactly what we find out.
As an independent consulting and auditing company, we challenge the status quo of our clients’ IT security on a daily basis. We think cybersecurity differently – critically, boldly and practically. Our projects show how close theory and real attackers often are.
We combine technical expertise with an attacker mentality and use this to develop concrete security improvements. We are looking for people who are excited about taking technology apart, finding errors and doing this systematically time and time again.
Careful documentation is also important: meaningful pentest reports are part of our work.
Curious?
We are team players
Our job advertisements are deliberately open. We are not interested in standardized CVs, but in people who enrich our team both professionally and personally.
Qualifications, professional experience or age are of secondary importance – curiosity, willingness to learn and the desire to take on responsibility are crucial.
As we specialize in penetration testing, we provide intensive internal training and promote specific technical specializations. Those who start with us quickly grow into new roles.
Who we look after
Our clients include banks, health insurers, international construction groups, logistics companies and operators of critical infrastructure.
They commission us to identify attack vectors in their IT systems at – in other words, to find vulnerabilities before others do.
We carry out perimeter tests, intruder simulations, red teaming and many other types of offensive IT audits in accordance with the OWASP Testing Guide, PTES and the recommendations of the BSI.
Our projects are varied: sometimes mobile apps, sometimes websites, sometimes both. Every project presents us with new technical and creative challenges.
Who we are
We are a small, specialized team with flat hierarchies and short decision-making paths. With us, responsibility is taken on by those who are prepared to bear it.
Open communication and direct feedback are part of our everyday life. Flexible working hours and full remote working are a matter of course.
If you live in Hamburg, our modern office awaits you in the heart of the city – right next to Hamburg City Hall.
Application process
We are not standard pentesters. We are not interested in working through checklists or filling out reports that nobody reads. Quality is our top priority.
The market is full of service providers. We want to be among those who strive to improve every day – technically, professionally and personally. People who can identify with our aspirations and can imagine being part of our team – not just as employees, but as co-creators. Because our company grows with its tasks.
Applications are only possible via a single e-mail address, which has to be accessed via a technical puzzle.
Important: This puzzle is not a vulnerability. Attacks against our website are expressly prohibited. All you need is creativity, time and a developer console.
The puzzle does not automatically qualify anyone as a pentester, but it does show commitment, technical curiosity and genuine dedication – ideal foundations for a job interview.
Our selection process consists of two phases:
- Getting to know the management – together we will check whether the company strategy, culture and goals suit you and whether what we offer is in line with what you want to achieve.
- Get to know the team – you will meet the Team Lead and your colleagues from the Pentest team. If the chemistry is right, you are hired.
We only hire on a permanent basis.
The puzzle is:
It starts where the robot texts are.
When you have solved the puzzle, send us:
- An individual cover letter that shows who you are and why you fit in with us
- Your CV with references and certificates
- Work samples from bug bounty programs or own CTF results (e.g. THM, HTB, Vulnhub) – documented as if it were a real pentest
As soon as we receive your application, we will check it carefully and get back to you with clear feedback.
