Retour
Analista de Pentest Sr
Addresse: São Paulo, Avenida Francisco Matarazzo Ground Floor
Posté: 2 Jours
Type d’emploi: Regular
Ref: R098313
Postulez maintenant
Trois collègues indiens travaillent ensemble. De gauche à droite. Un homme avec une courte barbe brune sourit à deux collègues féminines. Il porte une chemise blanche. Au milieu, une collègue travaille sur un ordinateur portable argenté et a les cheveux foncés jusqu'aux épaules. Elle porte une chemise bleue. Enfin, il y a une deuxième femme qui prend des notes dans son carnet. Elle porte un foulard blanc à motifs et un haut à motifs bleu et rouge à manches trois-quarts. Ses cheveux sont en tresse.

Certifique-se de anexar seu currículo atualizado e a ciência de seu gestor no ato da candidatura!

#Ibope Media

#LI-MV1

#Remote

Role Overview 

We are seeking a skilled Senior Pentesting Analyst to join our cybersecurity team. This role is responsible for leading and executing penetration tests and red team engagements to test and validate vulnerabilities across our digital infrastructure. This role will work closely with security engineers, developers, and business stakeholders to assess risk, improve defenses, and ensure the resilience of systems against evolving threats. 

 

Key Responsibilities 

  • Plan, execute, and report on penetration tests (web applications, APIs, networks, cloud environments, IoT, etc.) 

  • Conduct red team/blue team exercises and simulate real-world attack scenarios 

  • Identify and exploit vulnerabilities using both automated tools and manual techniques 

  • Develop and maintain custom scripts and tools to support testing activities 

  • Collaborate with development and infrastructure teams to validate findings and recommend remediation strategies 

  • Stay current with emerging threats, vulnerabilities, and offensive security techniques 

  • Assist in compliance assessments (e.g., PCI-DSS, ISO 27001, SOC 2) 

 

Required Skills & Experience 

  • 5+ years of experience in penetration testing, ethical hacking, or offensive security 

  • Strong understanding of network protocols, operating systems, and application security 

  • Proficiency with tools such as Burp Suite, Metasploit, Nmap, Wireshark, and custom scripting (Python, Bash, PowerShell) 

  • Experience with cloud security testing (AWS, Azure, GCP) 

  • Familiarity with MITRE ATT&CK, OWASP Top 10, and CVSS 

  • Relevant certifications (e.g., OSCP, OSCE, GPEN, GWAPT, CISSP) are highly desirable 

  • Excellent communication skills, with the ability to clearly articulate findings and recommendations to technical and non-technical audiences 

  • Fluent in English 

 

Preferred Qualifications 

  • Experience with threat modeling and risk assessments 

  • Knowledge of secure software development lifecycle (SSDLC) 

  • Background in incident response or digital forensics 

  • Experience with CI/CD pipeline security and DevSecOps practices 

  • Spanish language is a plus. 

Candidaturas até 28/11/2025.

Postulez maintenant
Retour