Remotery

Senior Red Team and Offensive Security Analyst

Posted 5 hours ago

This is a fully remote position, open to applicants in Brazil.

📋 Description

• Execute tests on web applications, APIs, internal and external infrastructure, cloud environments, and Active Directory.

• Carry out manual vulnerability validations, controlled exploitation, authorized post-exploitation, and impact assessments.

• Evaluate technical findings, evidence, severity assessments, recommendations, and reports generated by the team.

• Act as an operational second opinion for establishing processes and work instructions.

• Assist in sensitive technical decisions concerning significant findings, false positives, critical risks, and operational validations.

• Review and standardize methodologies, playbooks, checklists, templates, and internal procedures.

• Aid in phishing, smishing, and vishing campaigns, including planning, technical validation, result analysis, and recommendations.

• Support OSINT activities, password analysis, credential exposure reviews, and monitoring of the Deep and Dark Web.

• Contribute to the design of future services, including adversary simulations, tabletop exercises, ransomware simulations, and full Red Team exercises.

• Assist in defining technical scope, effort estimates, and consultative discussions with clients.


⛳️ Requirements

• Bachelor's degree (or higher) in Information Security, Computer Science, Computer Engineering, or related fields.

• Extensive experience in offensive security, penetration testing, Red Teaming, or related disciplines.

• Practical experience testing web applications, APIs, infrastructure, networks, Active Directory, and cloud environments.

• Capability to perform manual exploitation and validate vulnerabilities beyond automated tools.

• Understanding of reconnaissance, enumeration, exploitation, lateral movement, and post-exploitation techniques in authorized settings.

• Familiarity with tools such as Burp Suite, Nmap, Metasploit, BloodHound, Impacket, NetExec/CrackMapExec, OWASP ZAP, nuclei, ffuf, Hashcat, OSINT tools, and cloud security solutions.

• Familiarity with frameworks and references like MITRE ATT&CK, OWASP Top 10, OWASP WSTG, and penetration testing methodologies.

• Strong technical writing abilities and the capacity to produce clear, concise, and actionable reports.

• Conversational proficiency in English.


🏝️ Benefits

• Competitive salary and comprehensive benefits package.

• Opportunities for professional development and continuous learning.

• Collaborative and inclusive work environment.

• Flexible work arrangements and remote work options.

People also viewed

HumanIT Digital Consulting4 hours ago

Information Security Analyst

PT flagPortugal OnlyFull-timeSecurity Analyst€2,300 – €2,900/month
ApplyView job
Solo Network5 hours ago

Data and Information Security Analyst (Mid-level)

Anywhere in the WorldFull-timeSecurity Analyst
ApplyView job
Spread Tecnologia5 hours ago

Mid-level Information Security Analyst

BR flagBrazil OnlyFull-timeSecurity Analyst
ApplyView job
Cooperativa Central Ailos5 hours ago

Information Security Analyst III – Network Security

BR flagBrazil OnlyFull-timeSecurity Analyst
ApplyView job
DigitalOcean5 hours ago

Senior Security Analyst

US flagMassachusetts OnlyFull-timeSecurity Analyst$140.8k – $176k/year
ApplyView job
water IT Security & Defense5 hours ago

Security Analyst, 1st Level

DE flagGermany OnlyFull-timeSecurity Analyst
ApplyView job

Never miss a great job!

Get handpicked remote jobs straight to your inbox weekly.

Trusted by 7,400+ designers