
Senior Red Team and Offensive Security Analyst
Posted 5 hours ago

Posted 5 hours ago
This is a fully remote position, open to applicants in Brazil.
• Execute tests on web applications, APIs, internal and external infrastructure, cloud environments, and Active Directory.
• Carry out manual vulnerability validations, controlled exploitation, authorized post-exploitation, and impact assessments.
• Evaluate technical findings, evidence, severity assessments, recommendations, and reports generated by the team.
• Act as an operational second opinion for establishing processes and work instructions.
• Assist in sensitive technical decisions concerning significant findings, false positives, critical risks, and operational validations.
• Review and standardize methodologies, playbooks, checklists, templates, and internal procedures.
• Aid in phishing, smishing, and vishing campaigns, including planning, technical validation, result analysis, and recommendations.
• Support OSINT activities, password analysis, credential exposure reviews, and monitoring of the Deep and Dark Web.
• Contribute to the design of future services, including adversary simulations, tabletop exercises, ransomware simulations, and full Red Team exercises.
• Assist in defining technical scope, effort estimates, and consultative discussions with clients.
• Bachelor's degree (or higher) in Information Security, Computer Science, Computer Engineering, or related fields.
• Extensive experience in offensive security, penetration testing, Red Teaming, or related disciplines.
• Practical experience testing web applications, APIs, infrastructure, networks, Active Directory, and cloud environments.
• Capability to perform manual exploitation and validate vulnerabilities beyond automated tools.
• Understanding of reconnaissance, enumeration, exploitation, lateral movement, and post-exploitation techniques in authorized settings.
• Familiarity with tools such as Burp Suite, Nmap, Metasploit, BloodHound, Impacket, NetExec/CrackMapExec, OWASP ZAP, nuclei, ffuf, Hashcat, OSINT tools, and cloud security solutions.
• Familiarity with frameworks and references like MITRE ATT&CK, OWASP Top 10, OWASP WSTG, and penetration testing methodologies.
• Strong technical writing abilities and the capacity to produce clear, concise, and actionable reports.
• Conversational proficiency in English.
• Competitive salary and comprehensive benefits package.
• Opportunities for professional development and continuous learning.
• Collaborative and inclusive work environment.
• Flexible work arrangements and remote work options.
HumanIT Digital Consulting
Solo Network
Spread Tecnologia
Cooperativa Central Ailos
Get handpicked remote jobs straight to your inbox weekly.