This is a fully remote position, open to applicants in Costa Rica.

📋 Description

• Perform penetration testing on Azure and M365 platforms.

• Replicate real-world attacker methodologies, such as credential theft, token misuse, privilege escalation, lateral movement, and persistence within Azure and M365 environments.

• Evaluate security measures established across Defender for Cloud, Defender for Identity, Defender for Endpoint, and Sentinel detection systems.

• Analyze identity attack surfaces.

• Generate clear and professional penetration testing reports.

• Collaborate closely with Security Operations, Cloud engineering, and GRC teams.

• Keep abreast of new Azure attack strategies and assist in developing internal penetration testing methodologies.

⛳️ Requirements

• At least 5 years of professional experience in penetration testing or offensive security.

• Significant hands-on experience in testing Microsoft Azure and Microsoft 365 environments.

• Comprehensive understanding of Azure AD and Entra ID security frameworks.

• Expertise with prevalent penetration testing tools and techniques, including PowerShell, Azure CLI, Graph API, and cloud-specific testing frameworks.

• Strong knowledge of networking principles, identity protocols, and authentication processes.

• Proven ability to produce high-quality technical and executive-level reports.