Are you a Cyber Rebel?
Find your dream cyber role at CovertSwarm.
The cyber industry is saturated with security companies providing out-dated, snap-shot ‘Penetration Testing’, ‘Red Team’ and ‘Ethical Hacking’ services.
To support their old-fashioned and ad-hoc client engagements they rely upon people just like you - skilled ethical hackers - to run ‘rinse and repeat’ testing schedules and processes against a never-ending carousel of clients.
The value felt by the clients from their point in time cyber engagements steadily decreases; as does the motivation, engagement and skillset of the security vendor’s offensive team.
No one wins.
CovertSwarm exists to break this cycle of cyber vendors employing highly skilled and inquisitive hackers to drive an endless and low-value cycle of: Test. Report. Move on. Repeat.
We chose to write this blog to speak to the job applicants we see as cyber rebels seeking a role that is fresh, new and different. Rebels looking for a way to leave a concerning cyber industry trend that we see where:
· You have been constantly pushed to be billable at rates that exceed 100%;
· Your resulting rates of burnout are high;
· Little or no time is permitted for your personal growth;
· No importance is placed on you being able to ‘give back’ to the security community;
· Corporate ‘thanks’ are only expressed in financial terms.
Traditional cyber security vendors are increasingly recognising they are selling out-dated, commoditised services that provides reducing client value, and sees staff engagement dwindling. In an effort to ‘pile it high and sell it cheap’ they attempt to improve reducing profitability by cutting staff training budgets; hiking ethical hacker utilisation and driving a low value ‘cookie cutter’ testing culture. This negative, transactional working culture drives limited ethical hacker career progression; vanishing opportunities for personal development; and no time allowed to explore interesting side projects that so often lead to fascinating cyber discoveries, ideas and innovation.
The problem is the Penetration Testing and Red Team industry as a whole has needed to change for a long time, and has remained rigid in its delivery of out-dated services. As we’ve covered in other blogs (Is your Penetration Testing Program delivering the value you expect to your business? and Annual Penetration Testing is no longer enough) point in time testing and a lack of focus on actual points of compromise means that current approaches just cannot keep pace with that of malicious threat actors.
The competitive nature of the legacy Pentesting and Red Teaming market paired with the lack of available skills – through inevitably high rates of ethical hacker churn - forces companies to drive their people as hard as they can. The result is that their workers are asked to flip from test to test and constantly context switch as scheduling teams reallocate staff as ‘resources’ in one big game of Tetris.
Your sales team just want to sell ‘days’ and there is little concern if there is enough time to cover the testing scope effectively, and that the right tests are even being run for the client...let alone asking whether you are providing them with valuable insights.
The impact on staff morale is seeing people vote with their feet.
You are the Cyber Rebels.
Let’s change the industry together.
Join CovertSwarm and let’s set the new standard for how offensive security teams operate and modernise legacy penetration testing, red teaming and offensive security approaches.
Choose to join a company that recognises the need for this change and is grateful to be welcoming skilled and motivated ethical hackers who want to drive a better future for everyone in CovertSwarm and the cyber security industry as a whole.
How are we shaking up the industry? We’re glad you asked...
1. We hack, constantly. Our sole aim is to constantly compromise our clients. We have a polar focus on finding the next point of compromise across our client base.
2. Our clients recognise that legacy offensive security approaches are broken and do not keep pace with what they are concerned about. Our clients are a mixture of enterprise, household brands and rapidly growing, well-funded start-ups who themselves are setting new standards in their respective industries; exactly as we are.
3. Our ‘Hives’ are filled with some of the very best and most talented people in the industry. They joined CovertSwarm because our environment enables them to do what they love: Hack. Creatively. All of the time.
4. We focus our attacks on the whole organisation, not a set ‘scope.’ We take a 10,000ft view of our targets and zoom in and out as needed.
5. We provide unlimited training to all of our people. If it’s going to help you, or your Hive to better compromise a client, we will support it.
6. We provide unlimited holiday to all of our people. If you need a break, then take it. We understand that downtime will bring you back energised and ready to find that next point of compromise...
7. We provide completely flexible working. You work when you want to and – critically - when it is best suited for you to compromise our clients.
8. You are not tied to a physically location or ‘office’ environment. We find and hire talented and driven people that fit our culture and are passionate about compromising client security. CovertSwarm is where YOU are.
9. We take a research-led approach and maintain a focus on the next point of compromise. Research against a target’s tech stack is not just encouraged, it’s mandatory. We actively encourage you to discover the unknown.
10.Guess what? No more scheduling Tetris or constant context switching: Your focus will be the whole client as a target. You will work with your Hive and our wider ‘Swarm’ of Hives to compromise that target, constantly.
11.You will use your skills to help others compromise their targets, and we’ll take you and the rest of our Swarm to DEF CON every year to share your stories and learnings with like-minded individuals.
Speak to us and find out more about life in, and with, CovertSwarm.