Back to SearchSenior Security Penetration Tester
Remote in Brazil
Security.Testing, Penetration testing
Choose an option
We are looking for a Senior Security Penetration Tester to join our team.
This role requires advanced technical skills in Web and Mobile application security, as well as expertise in modern technology stacks such as cloud environments and LLM integrations. You will be responsible for identifying vulnerabilities, defining security requirements, and helping to strengthen the security posture of our clients.
Responsibilities
- Identify relevant security specifications and standards for projects
- Define and document security requirements for applications and systems
- Select appropriate security tools and outline associated security checks
- Develop comprehensive security testing strategies
- Scope, estimate, and manage multiple tasks independently
- Conduct vulnerability assessments and penetration tests on various platforms
- Collaborate with technical and management teams throughout the security assessment lifecycle
- Record all discovered issues using different reporting formats, including Jira and Confluence
- Provide actionable remediation recommendations for identified vulnerabilities
- Work with proposal teams to support client presentations and documentation
- Participate in Security Champions meetings and contribute to ongoing process improvements
Requirements
- Bachelor’s or Master’s degree in Computer Science, related field, or equivalent experience
- At least 3 years of hands-on experience in security testing or penetration testing
- Experience with Web Services, including SOAP and RESTful APIs
- Proficiency in testing Web Applications across multiple frameworks and architectures
- Background in Mobile Application security for iOS, Android, and optionally Windows Mobile
- Experience with Client Applications, focusing on Windows and Linux thin and thick clients
- Knowledge of Chatbots and LLM integrations, including adversarial testing and prompt injection
- Familiarity with Cloud Environments, especially application-layer security and identity management
- Skilled in using security tools such as Burp Suite, Nmap, OWASP ZAP, or similar
- Ability to evaluate requirements, processes, and technologies from a security perspective
- Capable of selecting, educating, and communicating the right security solutions based on client needs
- Able to explain assessment findings to both technical and non-technical audiences
- Experience in preparing security-related documentation
- Fluent English communication skills, both written and spoken, at B2+ level or higher
Nice to have
- Understanding and hands-on experience with security testing methodologies such as OSSTM, OWASP, and PTES
- Ability to develop, implement, and guide security assessment processes within projects
- Familiarity with static and dynamic analysis tools for mobile and client applications, such as MobSF or similar