Technical and Operations
multiple locations in the US
what: you will be working for US clients of ROS, an internationally operating secruity firm on a freelance base, on multiple locations in time, its a series of assingments, so permanent in a way, but the setup is freelance
where: remote WFH, maybe on site if clients wants this
how: the organisation of the work is based on chatrooms; you and all stakeholders have an account, the customer is also in the chatroom; all in chat, most of time you will work in a team, with European pentester(s), in the beginning there will be mentoring form senior pentesters; we use our own automation system (of course) and use the chatroom, with github for documentation; information flows from the chatroom into github, thus creating part of the documentation. Dont worry: after 2-3 assignments you will see how easy the system works
how tech: you have technical freedom to use tools to your own judgement; be aware the heavy preference is towards opensource, no propriatary pentesting tools; not only because of the licensing costs, but mostly because of our filosofy.
- No sketchy stuff
- We don't build surveillance systems, hack activists, sell exploits to intelligence agencies, or anything like that. If a job is even remotely morally questionable, then we won't do it.
- Teach to fish
- During engagements, we will not only share our results with your company, but provide a step-by-step description of how to perform the same audit or procedure without us. We want to demystify what we're doing. It's not rocket science.. and we genuinely want to help your company improve its security posture.. even if it costs us repeat business.
- Releasing ALL tools and frameworks we build as open source on our website.
- IoCs for free
- Releasing ALL collected threat intelligence (Indicators of Compromise) into an open source database that everyone can freely use. (Sanitized in agreement with customers.)
- Zero days
- We don't sell zero-days.. we responsibly disclose them!