[Hiring] Academy Hive Member @CovertSwarm

Role Description

Open to all European (UK/Spain) based applicants over the age of 18, this fully paid 12-month programme will see you integrated into the dynamic world of red team operations as a CovertSwarm Hive member, through mentorship, industry-recognised qualifications, and specialisation in areas of interest.

As an Academy Hive Member, your primary focus will be on rapidly developing the skills and techniques that make a great ethical hacker. This includes soft skills such as project management, client communications and teamwork, as well as core technical skills such as:

• OSINT and Reconnaissance
• External Perimeter
• Web Applications
• Internal Infrastructure
• Social Engineering - Phishing, Vishing and Physical

The 12-month programme is structured across four phases, with increasing client-facing responsibility as your capability grows. The first two months are internal-only, focused on operational grounding and reporting standards before you touch a client environment. From month three onward, you'll move through supervised delivery, growing ownership, and independent readiness – with promotion to full Hive member, the target by month 13.

Each Academy Member is supported by a shared mentor pool of domain specialists, a coach focused on your professional development, and a peer buddy to help you find your feet in the Hive culture.

Responsibilities

• Act as a business contact for CovertSwarm clients, fostering and maintaining relationships with key stakeholders and business partners. Ensuring client communication throughout the engagement and contract.
• Perform cyber security assessment activities against complex networks, applications, operating systems, wired/wireless networks, and mobile applications/devices.
• Develop and maintain attack plans bespoke to each client to replicate an Advanced Persistent Threat (APT).
• Create high quality actionable, threat-based, reports on security assessment results, which the client is debriefed on fully following the completion of any assessments.
• Consult with application developers, systems administrators, and management to demonstrate security assessment results, explain the threat presented by the results, and consult on remediation.
• Communicate security issues to a wide variety of internal and external "customers" which will include technical teams, executives, risk groups, vendors, and regulators.

Qualifications

• A history of self-directed technical study outside of formal education.
• Personal labs, coding projects, or contributions to security research.
• Completion of entry-level certifications or platform challenges prior to applying.
• A clear starting direction within offensive security.
• Experience with learning platforms such as HackTheBox and TryHackMe is preferred but not a strict requirement.

Benefits

• A fully remote role with only the need to travel to client sites when in-person meetings are required, or during quarterly meetups.
• No need to use a word processor for report writing – results are delivered through a bespoke online portal.
• A culture focused on vulnerability research and actual points of compromise.
• Flexible working hours – does not have to be a 9-5, but core meetings must be attended online.
• Attendance at DEF CON every year (when not cancelled).
• Software, hardware, and research materials are not bound by strict limits.
• Unlimited training relevant to your role and the company.
• Unlimited holiday – take downtime whenever needed.
• Private Medical Insurance.
• Company Pension.
• Access to the Electric Vehicle salary sacrifice scheme (UK residents only).
• Expenses paid and a bonus for presenting at major infosec events/hacker conferences.
• No corporate politics – emphasis on radical candor within the team.