Certifique-se de anexar seu currículo atualizado e a ciência de seu gestor no ato da candidatura!

#Ibope Media

#LI-MV1

#Remote

Role Overview 

We are seeking a skilled Senior Pentesting Analyst to join our cybersecurity team. This role is responsible for leading and executing penetration tests and red team engagements to test and validate vulnerabilities across our digital infrastructure. This role will work closely with security engineers, developers, and business stakeholders to assess risk, improve defenses, and ensure the resilience of systems against evolving threats. 

Key Responsibilities 

• Plan, execute, and report on penetration tests (web applications, APIs, networks, cloud environments, IoT, etc.) 

• Conduct red team/blue team exercises and simulate real-world attack scenarios 

• Identify and exploit vulnerabilities using both automated tools and manual techniques 

• Develop and maintain custom scripts and tools to support testing activities 

• Collaborate with development and infrastructure teams to validate findings and recommend remediation strategies 

• Stay current with emerging threats, vulnerabilities, and offensive security techniques 

• Assist in compliance assessments (e.g., PCI-DSS, ISO 27001, SOC 2) 

Required Skills & Experience 

• 5+ years of experience in penetration testing, ethical hacking, or offensive security 

• Strong understanding of network protocols, operating systems, and application security 

• Proficiency with tools such as Burp Suite, Metasploit, Nmap, Wireshark, and custom scripting (Python, Bash, PowerShell) 

• Experience with cloud security testing (AWS, Azure, GCP) 

• Familiarity with MITRE ATT&CK, OWASP Top 10, and CVSS 

• Relevant certifications (e.g., OSCP, OSCE, GPEN, GWAPT, CISSP) are highly desirable 

• Excellent communication skills, with the ability to clearly articulate findings and recommendations to technical and non-technical audiences 

• Fluent in English 

Preferred Qualifications 

• Experience with threat modeling and risk assessments 

• Knowledge of secure software development lifecycle (SSDLC) 

• Background in incident response or digital forensics 

• Experience with CI/CD pipeline security and DevSecOps practices 

• Spanish language is a plus. 

Candidaturas até 28/11/2025.