Working at CODE WHITE

As a highly specialized company and for our exclusively technical services, we are looking for experienced, motivated and result-oriented

Senior Penetration-Tester / Red-Teamer (m/f/d)

who are not interested in (classic | short | scoped | on-site | compliance) Pen-Tests but would like to carry out realistic attacks as part of a professional team to improve the actual security resilience for selected clients.

Our "Initial Assessments" are extensive Red-Team assessments in which relevant companies are attacked holistically.
Our "Security Intelligence Service" constantly monitors the entire attack surface of large companies for real exploitable vulnerabilities.

What’s important to us:

  • Practical real-world experience (Red-Teaming, complex Pen-Tests, Vuln-Research)
  • Passion & intrinsic motivation for hacking
  • High willingness to learn and active contribution of special knowledge/skills to the team
  • Development of new attack techniques or tools, identification of new (0day) vulnerabilities
  • Interest in the international security community
  • Maximum integrity, reliability and fidelity

Good to have:

  • OSCP, OSCE, OSEE, OSWE, Red Team Operator
  • Readiness for Security Clearance

In return, we offer:

  • Complex attacks in a team and the highest technical level with a steep learning curve
  • Actual freedom to do security research
  • Hardly any meetings, no PM, no sales, no meaningless projects, no business trips
  • Tech-savvy management team
  • Individual technical equipment
  • Participation in trainings / conferences worldwide
  • All inclusive: fine lunch in restaurants, massages, gym, healthy snacks & good coffee
  • Salary++
  • Yearly participation in corporate success
  • Employer-funded pension
  • Office locations in germany (Ulm & Mannheim) as well as home office option

If you are interested, we look forward to a compelling application including your desired salary to the appropriate e-mail address.

System Engineer/System Administrator (m/f/d)

to help support our teams by providing central applications and operating our infrastructure securely and reliably.

Our services simulate realistic cyberattacks to our clients and permanently monitor their entire attack surface for exploitable vulnerabilities. To be able to conduct these complex attacks and collaborate efficiently, our teams rely on internal and cloud-based applications. However, as experts in cyberattacks we are also a valuable target for external attackers and must therefore maintain an extremely high level of security in all infrastructure.

Together we will provide solutions based on the requirements of our teams to facilitate their work and continually improve and monitor existing applications. To do this, we must constantly weigh the benefits of a solution against its risks and master the balancing act between security and usability, without being bound by compliance requirements.

Work-from-home is generally not a problem. But since many of the tasks must be carried out physically in our offices, this is not a remote position.

What you will be doing:

  • Ensuring business operations
  • Operating, extending, monitoring, securing all our IT systems, including:
    • network infrastructure
    • physical and virtualized servers
    • cloud resources
    • in-house and third-party applications
    • office infrastructure
  • Planning and launching new applications based on business requirements
  • Automating and standardizing existing processes
  • Technical support for internal users

What's important to us:

  • Good understanding of IT security, Linux, networking and virtualization
  • The ability to understand new technology and assess its potential quickly
  • Willingness to learn and active engagement in problem solving
  • Motivation to build well structured, automated and documented infrastructure

Good to have:

  • Experience with infrastructure as code (Terraform, Ansible)
  • Experience with CI/CD
  • Experience with infrastructure and security monitoring

What you can expect from us:

  • Real and unmatched exposure to the global world of cybercrime and its prevention
  • Lean processes: only strictly necessary meetings, no unrealistic sales promises to meet, flat hierarchies within the project and company structure
  • No business trips
  • No deadlines and senseless milestones
  • Free choice of hardware setup
  • Participation in worldwide trainings and conferences
  • All inclusive: fine dining, massages, fitness studio, healthy snacks, drinks and coffee
  • Annual bonus
  • Salary++
  • Company pension scheme

We are looking forward to receiving your meaningful application at: