Back to SearchLead Security Testing Penetration Tester
Remote in Brazil
Security.Testing, Penetration testing
Choose an option
We are looking for a Lead Security Testing Penetration Tester to spearhead comprehensive security evaluations across web, mobile, and cutting-edge technology platforms, including cloud and large language model (LLM) integrations.
You will work autonomously, adjusting to varied project demands and client needs, overseeing the entire security process from initial requirements gathering to final analysis. Join us to take charge of security excellence and help protect our clients' assets.
Responsibilities
- Identify applicable security standards and specifications
- Establish security requirements
- Determine security tools and corresponding security checks
- Develop security testing strategies
- Estimate and scope tasks while managing multiple projects independently
- Perform vulnerability analyses and penetration tests
- Work collaboratively with both technical teams and management throughout security assessments
- Record identified issues using various reporting tools, with knowledge of Jira and Confluence preferred
- Recommend remediation measures for detected vulnerabilities
- Partner with proposal teams for client engagement and presentations
- Engage in Security Champions meetings to drive ongoing improvements
Requirements
- At least 5 years of experience conducting security assessments
- 1+ years of relevant leadership experience
- Proficient knowledge of Web Services including SOAP and RESTful APIs
- Experience with Web Applications across diverse frameworks and architectures
- Expertise in Mobile Applications for iOS, Android, and optionally Windows Mobile
- Competence in Client Applications for Windows/Linux, focusing on Windows platforms
- Skills in Chatbots and LLM Integrations including adversarial testing and prompt injection techniques
- Strong understanding of Cloud Environments with focus on application-layer security and identity management
- Familiarity with tools such as Burp Suite, Nmap, OWASP ZAP or equivalents
- Ability to analyze requirements, processes, and technologies from a security perspective
- Adaptability to select, educate, and communicate optimal security solutions based on client needs
- Capability to explain assessment outcomes to both technical and non-technical stakeholders
- Experience in creating security-related documentation
- Strong written and verbal English communication skills (B2+)
Nice to have
- Knowledge and practical application of security testing methodologies like OSSTM, OWASP, PTES
- Ability to develop, implement, and lead security assessment processes within projects
- Experience with Static and Dynamic analysis tools for mobile and client applications, such as MobSF or similar