Apply if you can!

Do you have what it takes to join CODE WHITE?

Prove it (and have fun) at https://apply-if-you-can.com. This challenge is aimed at Red Teamers and experienced Penetration Testers and it is way more meaningful to us than a classic application.

Scroll through our open positions: not every role requires completing apply-if-you-can.com but some come with their own unique challenge…

Senior Red Teamer (m/f/d)

Location: Germany (Ulm, Mannheim, hybrid or fully remote)

CODE WHITE is a highly specialized offensive security boutique headquartered in Ulm, Germany. Since 2014, we've been pushing the boundaries of intelligence-driven security by conducting highly realistic Red Team Assessments. Our focus is on real-world attack simulation - not compliance-driven penetration tests.

We're looking for an experienced Senior Red Teamer (m/f/d) who thrives on sophisticated attack scenarios and wants to work as part of a highly technical team that values autonomy, research, and deep expertise over (classic | short | scoped | on-site | compliance) Penetration Tests.

What matters to us:

  • Maximum integrity, reliability, and team spirit
  • Passion for hacking & deep technical curiosity
  • Hands-on experience in advanced Red Teaming and real-world attack scenarios
  • Strong offensive security skills, including exploit development, lateral movement, and stealth techniques
  • Ability to craft custom payloads & tools to bypass modern security defenses
  • Deep understanding of Windows/Linux internals, Active Directory security, and attacker TTPs

Nice to have:

  • OSCP, OSCE, OSEE, OSWE, CRTO or similar certifications (but skills matter more than certs)
  • Security clearance eligibility

What we offer:

  • Technical freedom & dedicated research time
  • Access to an advanced EDR lab for testing & bypass research
  • Minimal meetings, no PM, no sales, no meaningless projects
  • No restrictive compliance frameworks like TIBER-EU or DORA – just real-world offensive security
  • Tech-savvy management & a team of top-tier security experts
  • Individual technical equipment
  • Global conference & training participation
  • All-inclusive perks: fine lunches, massages, gym access, healthy snacks & great coffee
  • Highly competitive salary + company-wide success participation
  • Employer-funded pension
  • Flexible work options in Germany: Ulm, Mannheim, hybrid or fully remote

Think you’re up for the challenge? Prove it and apply if you can

Senior Penetration Tester (m/f/d)

Location: Germany (Ulm, Mannheim, hybrid or fully remote)

CODE WHITE is a highly specialized offensive security boutique looking for an experienced, motivated, and result-oriented Senior Penetration Tester (m/f/d) to join our Security Intelligence Service (SIS Group).

This is not a traditional Penetration Testing role with scoped engagements, compliance-driven reports, or rigid timelines. Instead, you will continuously attack and monitor the complete external attack surface of major enterprises, discovering and exploiting vulnerabilities that actually matter.

Think of it as a hybrid between Penetration Testing and Bug Bounty hunting - but with full access to an advanced toolchain, zero scope restrictions, and deep technical freedom.

What matters to us:

  • Maximum integrity, reliability, and team spirit
  • Passion for hacking & deep technical curiosity
  • Strong offensive security skills in web, app and cloud security
  • Experience in real-world attack simulations and vulnerability research
  • Creativity in identifying unconventional attack paths and development of offensive tooling
  • Interest in the international security community and the latest developments and vulns

Nice to have:

  • OSCP, OSWE, OSEP, or similar certifications (but skills matter more than certs)
  • Security clearance eligibility

What we offer:

  • Technical freedom & dedicated research time
  • Opportunity to hunt for critical vulns & emerging threats across multiple clients without artificial constraints
  • Minimal meetings, no PM, no sales, no meaningless projects, no business trips
  • Tech-savvy management & a team of top-tier security experts
  • Individual technical equipment
  • Global conference & training participation
  • All-inclusive perks: fine lunches, massages, gym access, healthy snacks & great coffee
  • Highly competitive salary + company-wide success participation
  • Employer-funded pension
  • Flexible work options in Germany: Ulm, Mannheim, hybrid or fully remote

Think you’re up for the challenge? Prove it and apply if you can

n-day Researcher (m/f/d)

Location: Germany (Ulm, Mannheim, hybrid or fully remote)

CODE WHITE is a highly specialized offensive security boutique pushing the boundaries of intelligence-driven security. We focus on real-world attack simulation and provide continuous security assessments for our clients. We're looking for a passionate and skilled n-day Researcher (m/f/d) to join our team and help us discover, develop, and understand vulnerabilities across a diverse range of technologies.

This isn't a typical research position focused on theoretical papers. You'll be actively applying your research to real-world scenarios, developing functional exploits (n-days), and potentially uncovering new vulnerabilities (0-days). You'll work in a team of experienced Red Teamers, Penetration Testers, and Intelligence Analysts, benefiting from a collaborative environment and access to cutting-edge tools.

What matters to us:

  • Maximum integrity, reliability, and team spirit.
  • A genuine passion for hacking and deep technical curiosity.
  • Proven ability to research and analyze software, systems, and network protocols.
  • Experience in reverse engineering, vulnerability analysis, and exploit development.
  • Ability to develop functional exploits (n-days) based on publicly available information.
  • Familiarity with diverse technology stacks (special focus on web but also a solid base of binary expertise desirable).
  • Strong scripting/programming skills (Python, C/C++, etc.).
  • Strong experience with static/dynamic analysis tools, debuggers.
  • Ability to clearly document research findings and communicate complex technical concepts.
  • Willing to write blog posts, give presentations at conferences.

Nice to have:

  • OSCP, OSCE, OSWE or similar certifications (but skills matter more than certs).
  • Experience with fuzzing.
  • Experience with 0-day vulnerability research and responsible disclosure processes.
  • Security clearance eligibility.

What we offer:

  • Technical freedom - we prioritize deep dives.
  • Minimal meetings, no PM, no sales, no meaningless projects - we trust you to deliver.
  • A team of top-tier security experts and tech-savvy management who understand your work.
  • Individual technical equipment to support your research.
  • Global conference and training participation to keep your skills sharp.
  • All-inclusive perks: fine lunches, massages, gym access, healthy snacks & great coffee.
  • Highly competitive salary + company-wide success participation.
  • Employer-funded pension.
  • Flexible work options in Germany: Ulm, Mannheim, hybrid or fully remote.

If you're a dedicated n-day researcher who thrives on challenge and wants to make a real-world impact, we encourage you to apply. Prove it by sending us your track record and ask for a challenge, which we'll pick individually based on your given skill set. Don't forget sending us also your desired salary.

Vulnerability Intelligence Analyst (m/f/d)

Location: Germany (Ulm, Mannheim, hybrid or fully remote)

CODE WHITE offers the "Security Intelligence Service" (SIS) for selected clients, providing continuous monitoring and analysis of their external attack surface. As part of this service, we're looking for a Vulnerability Intelligence Analyst (m/f/d) to strengthen our Vulnerability Intelligence team.

This role focuses on working with and improving our in-house platform that helps us gathering, analyzing, and evaluating vulnerability intelligence signals. Your assessment, supported by a whole team of experts, is a crucial factor in quickly informing our clients about the threats and risks arising from vulnerabilities that they should focus on.

What matters to us:

  • Maximum integrity, reliability, and team spirit
  • Practical experience in cybersecurity, ideally with a background in Penetration Testing, Red Teaming, or Threat Intelligence.
  • Outstanding ability to present technically complex issues in a clear and understandable manner (German/English).
  • A genuine passion for hacking and vulnerabilities, and a strong interest in the security landscape.
  • Ability to monitor and analyze diverse information sources (security blogs, vulnerability databases, news feeds, social media, etc.).
  • Familiarity with common vulnerability scoring systems (CVSS, EPSS), and vulnerability management principles.
  • Ability to effectively communicate findings to both technical and non-technical audiences.
  • Contributing to the improvement and maintenance of our in-house vulnerability intelligence platform.
  • Analyzing collected signals, including published vulnerabilities, exploits, and reports of active exploitation.

Nice to have:

  • OSCP, OSCE, OSWE or similar certifications (but skills matter more than certs).
  • Experience with threat and/or vulnerability intelligence platforms and vulnerability management tools.
  • Security clearance eligibility.

What we offer:

  • Completely free and self-responsible time management within a technical team of highly professional hackers.
  • Technical freedom and dedicated research time - focused on intelligence gathering and analysis.
  • Hardly any meetings, no PM, no sales, no meaningless projects, no business trips.
  • Tech-savvy management and a team of top-tier security experts.
  • Individual technical equipment.
  • Global conference and training participation.
  • All-inclusive perks: fine lunches, massages, gym access, healthy snacks & great coffee.
  • Highly competitive salary + company-wide success participation.
  • Employer-funded pension.
  • Flexible work options in Germany: Ulm, Mannheim, hybrid or fully remote.

If you are an enthusiastic security professional with a knack for intelligence gathering and a proactive mindset, we look forward to your compelling application, including your desired salary.