Remoote.app

Work from anywhere. Start here.

JobsFree resume builderCompaniesLog in
Apply

Grupo QuintoAndar | Senior, Offensive Security Engineer

Posted 2024-11-21

View full description

💎 Seniority level: Senior, 5+ years

📍 Location: Brazil

🔍 Industry: Real Estate/PropTech

🏢 Company: Grupo QuintoAndar

🗣️ Languages: Portuguese, English

⏳ Experience: 5+ years

🪄 Skills: Communication SkillsAnalytical SkillsCollaborationProblem SolvingLinuxAttention to detailOrganizational skillsTime ManagementWritten communicationDocumentation

Requirements:
  • Strong hands-on experience with penetration testing tools and frameworks (5+ years).
  • Professional expertise in offensive security techniques, including vulnerability assessment, exploitation, and post-exploitation tactics.
  • Knowledge of modern exploitation techniques, web application vulnerabilities (OWASP Top 10), and network security weaknesses.
  • Familiarity with Zero Trust principles and how they apply to offensive security testing and hardening.
  • Experience conducting Red Team exercises and utilizing frameworks such as MITRE ATT&CK, Cyber Kill Chain and NIST.
  • Fluency in Portuguese and proficiency in English, especially for writing detailed reports, security documentation, and collaborating with global teams.
  • Offensive Security Certified Professional (OSCP) or similar certifications are highly desirable.
Responsibilities:
  • Conduct regular penetration testing on corporate infrastructure, applications, and networks (including cloud environments) to identify and exploit vulnerabilities.
  • Develop and execute offensive security strategies to simulate real-world attack scenarios, providing insights into potential security weaknesses and paths to exploitation.
  • Automate offensive security processes, including vulnerability scanning, reconnaissance, and exploit deployment, to enhance testing efficiency and coverage.
  • Create detailed reports of findings and work closely with the incident response, SOC, and blue team to provide actionable recommendations for remediation.
  • Lead Red Team exercises, developing attack methodologies and leveraging the MITRE ATT&CK framework to improve detection and response capabilities.
  • Collaborate with various stakeholders to integrate offensive security findings into the broader security program, aligning with Zero Trust principles.
  • Stay up to date with the latest vulnerabilities, exploits, and offensive security tools to continuously improve the security posture of the organization.
Apply