Packetlabs was built by an ethical hacker after seeing vulnerability assessments presented as penetration tests. Our slogan "Ready for more than a VA scan?" drives at the importance of not providing our clients with a false sense of security.
We are a passionate team of highly trained, proactive ethical hackers. We provide expert-level penetration testing services that are thorough and tailored to help foster a safe digital space where everyone has the right to privacy and security. Packetlabs consultants find weaknesses others overlook and continuously learn new ways to evade controls. We hold ourselves to a very high standard.
To do so, we only hire individuals with the same drive and passion.
Who we are looking for
- Core values:
- Customer-first mentality. Is a great communicator with clients, project managers, and teammates. Rapid responses and on time.
- You deliver work that you take pride in. Your work is an autograph of your excellence.
- Digs deeper into every finding. Doesn't stop until impact is proven.
- Is comfortable being uncomfortable. Goes towards obstacles, not away from them. Consulting isn't your typical job and requires adapting to rapidly changing environments.
- Is always learning. Cybersecurity is changing every day, and you need to keep up or want to keep up. Be deeply aware of your skillset and be willing to improve.
- Self-motivated and dependable.
- Is humble. Egos don't have a place at Packetlabs.
- Education and experience:
- Proven infrastructure and red team experience.
- OSCP is mandatory.
What you'll be doing
- Penetration testing of infrastructure that includes on-premises, hybrid, and cloud environments. Extensive knowledge in:
- Developing access with no privileges but network access.
- Active directory:
- AD exploitation as a user without access to a domain user account. Gain a foothold in the network through misconfigurations, exploitation and AD-specific attacks.
- Exploitation as a low-privileged domain user. Elevate privileges and laterally move within the network through abusing misconfigurations, exploitation and poor security configuration.
- Elevating privileges on a specific machine.
- Leveraging privileged access to compromise multiple segmented AD environments.
- Combining all of the above along with credential access, evasion, and lateral movement to demonstrate impact and risk.
- Red teaming
- Demonstrate the ability to engineer resilient infrastructure and creative TTPs as part of the red team lifecycle.
- Ability to thrive in complex infrastructure environments and tackle technologies you might not be familiar with.
- Utilize common offensive security testing tools and tradecraft, and ability to customize existing toolsets to remove common IOCs.
- Possesses a deep knowledge of the entire red team lifecycle (Initial Access, Recon, Persistence, Lateral Movement, Privilege Escalation, Data Exfiltration, and Objective Completion).
Why us?
- Immediate and continual offensive security training
- Wealthsimple GRSP with corporate matching
- Participation in corporate benefit plans
- Amazing team and working environment
- Competitive compensation and growth opportunity
remote work