Retour
Analista de Pentest Sr
Addresse: São Paulo, Avenida Francisco Matarazzo Ground Floor
Posté: 2 Jours
Type d’emploi: Regular
Ref: R098313
Postulez maintenant
Un groupe de quatre personnes assises en cercle. Deux hommes sont assis sur un canapé bleu foncé avec des coussins jaunes, face à la caméra. L'un est plus âgé, portant un pull gris clair et un jean bleu foncé. Le plus jeune a les cheveux bruns foncés et porte un T-shirt blanc et un pantalon kaki. En face d'eux, il y a deux femmes, toutes deux avec des cheveux bruns. L'une porte une chemise rouge, l'autre un pull orange. Elles sont tournées dos à la caméra et vous ne pouvez pas voir leurs visages.

Certifique-se de anexar seu currículo atualizado e a ciência de seu gestor no ato da candidatura!

#Ibope Media

#LI-MV1

#Remote

Role Overview 

We are seeking a skilled Senior Pentesting Analyst to join our cybersecurity team. This role is responsible for leading and executing penetration tests and red team engagements to test and validate vulnerabilities across our digital infrastructure. This role will work closely with security engineers, developers, and business stakeholders to assess risk, improve defenses, and ensure the resilience of systems against evolving threats. 

 

Key Responsibilities 

  • Plan, execute, and report on penetration tests (web applications, APIs, networks, cloud environments, IoT, etc.) 

  • Conduct red team/blue team exercises and simulate real-world attack scenarios 

  • Identify and exploit vulnerabilities using both automated tools and manual techniques 

  • Develop and maintain custom scripts and tools to support testing activities 

  • Collaborate with development and infrastructure teams to validate findings and recommend remediation strategies 

  • Stay current with emerging threats, vulnerabilities, and offensive security techniques 

  • Assist in compliance assessments (e.g., PCI-DSS, ISO 27001, SOC 2) 

 

Required Skills & Experience 

  • 5+ years of experience in penetration testing, ethical hacking, or offensive security 

  • Strong understanding of network protocols, operating systems, and application security 

  • Proficiency with tools such as Burp Suite, Metasploit, Nmap, Wireshark, and custom scripting (Python, Bash, PowerShell) 

  • Experience with cloud security testing (AWS, Azure, GCP) 

  • Familiarity with MITRE ATT&CK, OWASP Top 10, and CVSS 

  • Relevant certifications (e.g., OSCP, OSCE, GPEN, GWAPT, CISSP) are highly desirable 

  • Excellent communication skills, with the ability to clearly articulate findings and recommendations to technical and non-technical audiences 

  • Fluent in English 

 

Preferred Qualifications 

  • Experience with threat modeling and risk assessments 

  • Knowledge of secure software development lifecycle (SSDLC) 

  • Background in incident response or digital forensics 

  • Experience with CI/CD pipeline security and DevSecOps practices 

  • Spanish language is a plus. 

Candidaturas até 28/11/2025.

Postulez maintenant
Retour