Senior Security Penetration Tester
Remote in Brazil
Security.Testing, Penetration testing
We are seeking a Senior Security Penetration Tester to lead advanced security assessments for web, mobile and modern technology stacks, including cloud and LLM integrations.
You will operate independently, adapting to diverse project scopes and client requirements, and be responsible for the full security lifecycle from requirements definition to final review.
Responsibilities
- Identify relevant security specifications and standards
- Define security requirements
- Define security tools and associated security checks
- Define security test strategy
- Scope and estimate tasks, manage multiple assignments with minimal supervision
- Conduct vulnerability assessments and penetration testing
- Collaborate with technical and management personnel throughout the security assessment lifecycle
- Document disclosed issues using various reporting formats (knowledge of Jira and Confluence is desired)
- Provide remediation suggestions for identified issues
- Collaborate with personnel responsible for writing and presenting proposals to prospective clients
- Participate in Security Champions meetings and contribute to continuous improvement
Requirements
- Minimum 3 years of working experience in security assessments
- Knowledge of Web Services including SOAP and RESTful APIs
- Background in Web Applications across various frameworks and architectures
- Expertise in Mobile Applications for iOS, Android and optionally Windows Mobile
- Competency in Client Applications for Windows/Linux thin and thick clients, primarily Windows
- Skills in Chatbots and LLM Integrations, including adversarial testing and prompt injection scenarios
- Proficiency in Cloud Environments with emphasis on application-layer security and identity management
- Familiarity with Burp Suite, Nmap, OWASP ZAP or similar tools
- Capability to evaluate requirements, processes and technologies from a security standpoint
- Flexibility to select, educate and communicate the right solution based on client requirements and objectives
- Ability to explain assessment results to technical and non-technical personnel
- Experience in development of security-related documentation
Nice to have
- Understanding and practical experience in security testing methodologies such as OSSTMM, OWASP, PTES
- Capability to develop, implement and guide security assessment processes on projects
- Familiarity with Static/Dynamic analysis tools for mobile and client apps like MobSF or similar