We pride ourselves on the work we do.

Every company member delivers on our services, and we have a strong sense of pride and unity. Everyone has a specialty, but at Lares® we strive to help every team member develop to their fullest potential. We strongly support community involvement. Engineers will have scheduled research, teaching, and speaking time, and yearly trips to conferences and classes are encouraged.

Application Security Consultant

Network Penetration Tester

Project Manager

General Application

No Results Found

Application Security Consultant

Job Description
Do you feel most at home with a browser and a proxy at your fingertips? Do you feel like scanners are just to catch the low-hanging fruit and that the real findings are left for the human testers? Have you tested hundreds of applications and still want more? If this describes you, you’re in luck! We are looking for an experienced developer/application security tester to join our team of highly skilled penetration testers.

If you feel most at home with a scanner and manually following up on those vulnerabilities, this is NOT the kind of job we are offering.

Minimum Requirements

  • Three (3) years of experience exclusively performing application security testing/code review or five (5) years of mixed experience performing application security assessments, code review, and software development
  • Advanced ability to detect, define, exploit, and remediate OWASP top 10 vulnerabilities without the use of a vulnerability scanner (a browser, a proxy, an editor, and YOU)
  • Extensive experience/expertise in using an attack proxy (Burp, Zap, etc.)
  • Experience in the use of source code scanners (Veracode, Fortify, Sentinel, Checkmarx, AppScan Source, etc.) and the ability to manually validate findings/eliminate false positives
  • Experience using web application vulnerability testing suites is expected (Netsparker, AppScan, WebInspect, Acunetix, etc.)
  • Intermediate knowledge of C, C#, Python, Objective C, Java, Javascript, SQL, Angular JS, etc.
  • Intermediate knowledge of Web Services technologies such as XML, JSON, SOAP, REST, AJAX, etc.
  • Programming experience in two of the following languages: C#, Java, Python, Ruby
  • Experience with Enterprise Java or .NET web application frameworks
  • Database knowledge in MS SQL, MySQL, Oracle, etc.

Our consultants are expected to treat everyone they work with the utmost respect. Our clients are our partners, and we are an extension of their team, whether for a single engagement or as part of a multi-year engagement. Every position at Lares is client-facing, so you need to be able to write reports, communicate ideas, answer questions, and interact with clients respectably. If you think that clients are dumb and their code sucks, this is not the right place for you.

Nice to Have Skills

You should know your way around the common professional exploitation frameworks (e.g. Core Impact, Canvas, Metasploit) and have a strong working knowledge of exploitation outside the typical “click to exploit” type of testing. We are not asking if you can scan something and only attempt an exploit in msf/Core/Canvas.

You should have full working knowledge of Kali Linux or similar testing distributions and most of the tools. Experience with penetration testing as a consultant is preferred. We believe that writing reports are just as important as finding flaws, so you should be able to communicate professionally and write clear and concise reports.

Mobile application testing experience in Android and iOS is a plus.

Though not required, the following certifications would be considered nice to have: CISSP, CISA, OSCP, OSWP, OSCE, OSEE, OSWE, any of the GIAC certs, CEH, LTP, etc.

Note: Lares will always value hands-on and demonstrable skills ahead of industry certifications.

Culture

If you are looking for a straight 9-5 job, you’re probably better off looking elsewhere. We work hard and play even harder. We expect you to live your life and enjoy it, but we also want you to have just as much fun working with the team and our list of clients. We are a family and treat each employee AND client as a member of that family.

Community Involvement

We strongly support community involvement, and our team members regularly speak at conferences worldwide. Our consultants have time in their schedules dedicated to research and teaching/speaking. Yearly trips to conferences and classes are also encouraged.

Salary & Benefits

Salary is commensurate with experience and includes access to some of the industry’s best medical, dental, and vision coverage. Lares also provides an open vacation policy and values the organization’s sick, personal wellness, and volunteer days.

If you’re still reading and interested, please send a resume and a note to information@lares.com explaining why you think you would be a good fit.

Network Penetration Tester

Job Description
Do you feel like scanners are just to catch the low-hanging fruit and that the real findings are left for the human testers? Have you tested hundreds of networks and still want more? If this describes you, you’re in luck! We are looking for an experienced network penetration security tester to join our team of highly skilled penetration testers.

If you feel most at home with a scanner and manually following up on those vulnerabilities, this is NOT the kind of job we are offering.

Minimum Requirements

  • Three (3) years of experience exclusively performing network security testing or five (5) years of mixed experience performing application security assessments, network security assessments, and software development
  • Advanced ability to detect, define, exploit, and remediate vulnerabilities without the use of a vulnerability scanner (a browser, a proxy, an editor, and YOU)
  • Intermediate knowledge of C, C#, Python, Objective C, Java, Javascript, SQL, Angular JS, etc.
  • Programming experience in two of the following languages: C#, Java, Python, Ruby
  • Database knowledge in MS SQL, MySQL, Oracle, etc.
  • Interface with clients to determine and understand their needs
  • Develop detailed reports on findings and remediations
  • Familiarity with Windows Internals
  • Vulnerability and exploit development research
  • Evade EDR devices such as Windows Defender and Carbon Black to avoid detection by defenders/behavioral-based alerting to further the engagement objectives
  • Conduct open-source intelligence gathering, network vulnerability scanning, exploitation of vulnerable services, lateral movement, install persistence in a target network(s), and manage C2 infrastructure
  • Develop payloads, scripts, and tools that weaponize new proof-of-concepts for exploitation, evasion, and lateral movement
  • Communicate effectively with team members and during an engagement
  • Ability to think unconventionally to develop adversarial TTPs
  • Keep current with TTPs and the latest offensive security techniques

Our consultants are expected to treat everyone they work with the utmost respect. Our clients are our partners, and we are an extension of their team, whether for a single engagement or as part of a multi-year engagement. Every position at Lares is client-facing, so you need to be able to write reports, communicate ideas, answer questions, and interact with clients respectably. If you think that clients are dumb and their code sucks, this is not the right place for you.

Nice to Have Skills

You should know your way around the common professional exploitation frameworks (e.g. Core Impact, Canvas, Metasploit) and have a strong working knowledge of exploitation outside the typical “click to exploit” type of testing. We are not asking if you can scan something and only attempt an exploit in msf/Core/Canvas.

You should have full working knowledge of Kali Linux or similar testing distributions and most of the tools. Experience with penetration testing as a consultant is preferred. We believe that writing reports are just as important as finding flaws, so you should be able to communicate professionally and write clear and concise reports.

Though not required, the following certifications would be considered nice to have: CISSP, CISA, OSCP, OSWP, OSCE, OSEE, OSWE, any of the GIAC certs, CEH, LTP, etc.

Note: Lares will always value hands-on and demonstrable skills ahead of industry certifications.

Culture

If you are looking for a straight 9-5 job, you’re probably better off looking elsewhere. We work hard and play even harder. We expect you to live your life and enjoy it, but we also want you to have just as much fun working with the team and our list of clients. We are a family and treat each employee AND client as a member of that family.

Community Involvement

We strongly support community involvement, and our team members regularly speak at conferences worldwide. Our consultants have time in their schedules dedicated to research and teaching/speaking. Yearly trips to conferences and classes are also encouraged.

Salary & Benefits

Salary is commensurate with experience and includes access to some of the industry’s best medical, dental, and vision coverage. Lares also provides an open vacation policy and values the organization’s sick, personal wellness, and volunteer days.

If you’re still reading and interested, please send a resume and a note to information@lares.com explaining why you think you would be a good fit.

Project Manager

Job Description
We are looking for someone to take on a key role in our customer success team! The project manager will be responsible for supporting customers, stakeholders, and the team with an emphasis on developing strong relationships, improving processes and procedures, and operationalizing new metrics. From the planning stages allocating resources until final feedback has been given, the project manager will assist those working on service deliverables by tracking progress, monitoring the project, and providing the right level of communications and control to ensure success.

Responsibilities

  • Define and operationalize new metrics and reporting
  • Continually work to expand upon and improve the efficiency and accuracy of all metrics reporting process and procedures and help to implement new strategies as needed to reduce errors and improve measurement
  • Provide support for operational and ad-hoc information customized reports for specific audiences
  • Leads team effort in relentless improvement
  • Define and implement improvement stories to increase the velocity and quality of the program
  • Implement and support principles, rules, and processes
  • Proactively identify and eliminate impediments and facilitate flow
  • Maintain team data in Wrike to support estimates and execution
  • Create or analyze business requirements documents and project timelines
  • Able to do postmortem and root cause analysis to help teams continuously improve their practices to ensure maximum productivity
  • Establish and nurture a business and project management relationship with clients
  • Work in close contact with technical staff members to understand service offerings and determine the best course of action within the project lifecycle
  • Manage the planning, prep, and delivery of all assessment projects for clients
  • Ensure high-quality delivery while adhering to project scope, objectives, and margin requirements
  • Make effective decisions and communications under pressure
  • Work through issues/risks with clients in assessment planning, preparation, and delivery
  • Develop resource plans and facilitate the onboarding/off-boarding of resources with practice leads and customers
  • Work with the client through project readiness steps, schedule, and hold a kickoff call for each assessment project
  • Monitor and track assessment team progress and report back to the client
  • Host conference calls and meetings as required with clients and the assessment team(s)
  • Facilitate debriefs/review of findings with clients and the technical assessment team
  • Receive and track periodic, ongoing requests from clients regarding specific project needs
  • Address and monitor all incoming customer communications
  • Build and provide status reports for key Lares stakeholders, technical team, and management
  • Escalate all items, including those urgent, from the client to the appropriate resource or manager
  • Draft project plans and ancillary documents for key client engagements as well as in support of sales efforts with RFP or key prospects
  • Draft invoice requests and track purchase orders

Responsibilities

The right candidate will have a customer-service outlook and understand that how we deliver is equally as important as what we deliver and the significance of building a positive experience for internal and external customers. If you believe you possess the positive team-playing attitude, adaptability, and critical thinking we are looking for, we would love to hear from you!

  • The right candidate will have worked in an environment where detail-oriented behavior was required at a fast pace on an ongoing basis
  • Ability to consistently respond to customer needs and perform tasks in a timely and effective manner
  • Excellent client management skills
  • Ability to use positive language when framing communications
  • Excellent written and verbal communication skills
  • Emotional intelligence – relating to customers, stakeholders, and team members
  • Ability to empathize with a customer and craft messaging that moves things toward a better outcome
  • Attentiveness and active listening
  • Excellent written and verbal communication skills – with strong phone and email skills
  • Schedule, budget, and invoice management
  • Issue management and resolution
  • Negotiation skills, specifically in conflict resolution and stakeholder management
  • Project planning and knowledge in project management and processes
  • Project leadership and goal-oriented focus
  • Tenacity and willingness to do what needs to be done
  • Deep understanding of the fundamentals of iterative and incremental development
  • Deep understanding of agile metrics (tasks, backlog tracking, burndown metrics, velocity, user stories, etc.) to analyze and improve process and planning
  • Experienced and deep understanding of project, task, and workload management in Wrike or other project management software
  • The expertise in agile methodology and frameworks (Scrum, Kanban)
  • Experience with MSWord, Excel, Outlook, Project, and other general office applications
  • BA/BS or equivalent work experience
  • Minimum of three years of professional experience in project management
  • Qualifications and experience that are a plus:
    • PMP Certification
    • Customer Service or consulting experience
    • Ability to understand and represent both the business and services with technical delivery
    • Experience working with Salesforce entry, reporting, and dashboards
    • Bilingual in English and German

Culture

If you are looking for a straight 9-5 job, you’re probably better off looking elsewhere. We work hard and play even harder. We expect you to live your life and enjoy it, but we also want you to have just as much fun working with the team and our list of clients. We are a family and treat each employee AND client as a member of that family.

Salary & Benefits

Salary is commensurate with experience and includes access to some of the industry’s best medical, dental, and vision coverage. Lares also provides an open vacation policy and values the organization’s sick, personal wellness, and volunteer days.

If you’re still reading and interested, please send a resume and a note to information@lares.com explaining why you think you would be a good fit.

General Application

Don’t see a job posting that matches what you’re looking for but still want to work with us? Send us your resume today at information@lares.com.

Where There is Unity, There is Victory

[Ubi concordia, ibi victoria]

– Publius Syrus

Contact Lares Consulting logo (image)

Continuous defensive improvement through adversarial simulation and collaboration.

Email Us

©2019 Lares, LLC | All rights reserved.
Privacy Preferences

When you visit our website, it may store information through your browser from specific services, usually in the form of cookies. Some types of cookies may impact your experience on our website and the services we are able to offer. It may disable certain pages or features entirely. If you do not agree to the storage or tracking of your data and activities, you should leave the site now.

Our website uses cookies, many to support third-party services, such as Google Analytics. Click now to agree to our use of cookies or you may leave the site now.