MID-LEVEL PENTESTER (M/F/D)

We are seeking a skilled and motivated Mid-Level or Senior Penetration Tester to join our client's cybersecurity team.
The Penetration Tester will play a critical role in identifying, assessing, and exploiting security vulnerabilities in IT systems, networks, and applications.
The ideal candidate will have hands-on experience in performing advanced penetration tests, assessing security controls, and providing actionable recommendations to enhance the security posture of the organization.
Key Responsibilities.
1.
Conduct Penetration Tests.
o  Perform penetration testing on web applications, networks, and systems to identify vulnerabilities.
o  Use both manual techniques and automated tools to simulate real-world attacks.
o  Identify security weaknesses in system configurations, authentication mechanisms, and access control systems.
2.
Vulnerability Identification and Exploitation.
o  Perform vulnerability assessments and exploit identified weaknesses to determine the impact and risk level.
o  Document findings in a clear and detailed manner, including proof of concepts for exploitation.
3.
Reporting and Documentation.
o  Prepare comprehensive penetration testing reports, including vulnerabilities, risks, and detailed remediation recommendations.
o  Present findings to technical and non-technical stakeholders in a clear and concise manner.
4.
Security Advisory and Consulting.
o  Provide guidance on remediating vulnerabilities and improving overall security posture.
o  Advise development, operations, and security teams on best practices for application and network security.
5.
Continuous Improvement and Research.
o  Stay up to date on the latest threats, attack vectors, and penetration testing methodologies.
o  Research and develop new tools, techniques, and frameworks to improve the penetration testing process.
o  Mentor junior members of the security team in penetration testing techniques and security best practices.
Qualifications.
Experience.
o  Minimum 3 or more years of experience in penetration testing or offensive security roles.
(If you have had previous experience in other cybersecurity technical roles we can count it as previous experience) o  Strong knowledge of penetration testing frameworks and methodologies.
Technical Skills.
o  Proficient with penetration testing tools such as Burp Suite, Metasploit, Nmap, Nessus, Kali Linux, and Wireshark.
o  Experience in manual exploitation techniques beyond automated scanning tools.
o  Strong understanding of web application security, network security, and mobile security testing.
(if you are good in at least one of these areas it's ok) o  Hands-on experience with scripting languages (e.
., Python, Bash, PowerShell) and ability to develop custom testing tools.
o  Familiarity with common attack techniques and vectors.
Certifications (not-mandatory but will be valued).
o  OSCP (Offensive Security Certified Professional) o  CEH (Certified Ethical Hacker) o  GPEN (GIAC Penetration Tester) o  OSWE (Offensive Security Web Expert) Soft Skills.
o  Strong analytical and problem-solving skills.
o  Good verbal and written communication skills - Portuguese and English.
o  Ability to work independently or as part of a team.
If this is your profile, please submit your updated, English CV.
#LI-CL1