Ethical Hacker (Infrastructure + Red Team)

Packetlabs was built by an ethical hacker after seeing vulnerability assessments presented as penetration tests. Our slogan "Ready for more than a VA scan?" drives at the importance of not providing our clients with a false sense of security.

We are a passionate team of highly trained, proactive ethical hackers. We provide expert-level penetration testing services that are thorough and tailored to help foster a safe digital space where everyone has the right to privacy and security. Packetlabs consultants find weaknesses others overlook and continuously learn new ways to evade controls. We hold ourselves to a very high standard.

To do so, we only hire individuals with the same drive and passion.

Who we are looking for

• Core values:
• Customer-first mentality. Is a great communicator with clients, project managers, and teammates. Rapid responses and on time.
• You deliver work that you take pride in. Your work is an autograph of your excellence.
• Digs deeper into every finding. Doesn't stop until impact is proven.
• Is comfortable being uncomfortable. Goes towards obstacles, not away from them. Consulting isn't your typical job and requires adapting to rapidly changing environments.
• Is always learning. Cybersecurity is changing every day, and you need to keep up or want to keep up. Be deeply aware of your skillset and be willing to improve.
• Self-motivated and dependable.
• Is humble. Egos don't have a place at Packetlabs.
• Education and experience:
• Proven infrastructure and red team experience.
• OSCP is mandatory.
  

What you’ll be doing

• Penetration testing of infrastructure that includes on-premises, hybrid, and cloud environments. Extensive knowledge in:
• Developing access with no privileges but network access.
• Active directory:
• AD exploitation as a user without access to a domain user account. Gain a foothold in the network through misconfigurations, exploitation and AD-specific attacks.
• Exploitation as a low-privileged domain user. Elevate privileges and laterally move within the network through abusing misconfigurations, exploitation and poor security configuration.
• Elevating privileges on a specific machine.
• Leveraging privileged access to compromise multiple segmented AD environments.
• Combining all of the above along with credential access, evasion, and lateral movement to demonstrate impact and risk.
• Red teaming
• Demonstrate the ability to engineer resilient infrastructure and creative TTPs as part of the red team lifecycle.
• Ability to thrive in complex infrastructure environments and tackle technologies you might not be familiar with.
• Utilize common offensive security testing tools and tradecraft, and ability to customize existing toolsets to remove common IOCs.
• Possesses a deep knowledge of the entire red team lifecycle (Initial Access, Recon, Persistence, Lateral Movement, Privilege Escalation, Data Exfiltration, and Objective Completion).
  

Why us?

• Immediate and continual offensive security training
• Wealthsimple GRSP with corporate matching
• Participation in corporate benefit plans
• Amazing team and working environment
• Competitive compensation and growth opportunity