Java Job: Cyber Security - Pentester

We are looking for a Senior Pentester to join our client Cyber Security consulting team. This is a great opportunity to work with market leading specialists who provide world class threat intelligence, penetration testing, security monitoring, incident response and vulnerability management services to some of the world’s most prestigious organizations.

Key Responsibilities

As Senior Pentester, your main responsibilities will be the following ones:

• Vulnerability management and assessment (attack & penetration testing, red team testing);
• Planning and execution of intrusion tests;
• Hardening of high management solutions;
• Tenable platform management;
• Reporting;
• Issuancing of technical opinions and improvement proposals for risk mitigation;
• Updating general documentation;
• Establishing professional and trust relationships with clients and staff, contributing to a flexible, stable, and team-oriented working culture;
• Acting as mentor and coach to the junior members of the team and leading by example

To qualify for the role, the candidate must have

• Academic education in Computer Engineering or similar fields of study, mainly in referenced universities;
• Between 2 to 6 years of professional experience in Pentesting area;
• Relevant experience in Red Team penetration testing, in consulting environment;
• Experience in code development and/or review: C#, C/C++, VB.NET, ASP, PHP, Powershell, Python or Java;
• Understanding the data flow of an application and network components (SMTP, LDAP, Database servers);
• Knowledge about OWASP and CWE / SANS classification systems;
• Experience in Access Management, Change Management, Firewall & IPS rule sets and information leakage prevention and QoS;
• Experience in Network Configuration with Firewall Devices;
• Experience in systems security assessments and security design reviews of perimeter security application;
• Knowledge about Linux, Tenable and Kubernetes;
• Fluent written and verbal communication skills in both Portuguese and English.

Ideally, the candidate also have:

• OSCP (Offensive security certified professional) or CCNA R&S certifications, GPEN, CEH.