Role Description Planejar e executar operações ofensivas (Red Team engagements, Adversary Simulation/Emulation) contra a infraestrutura, aplicações e processos do iFood Pago, simulando adversários reais com foco em impacto financeiro. - Realizar testes de segurança em aplicações web, APIs (REST/GraphQL/gRPC) e aplicações mobile (Android e iOS), incluindo análise estática, dinâmica e de runtime. - Realizar testes e avaliar a segurança de ambientes cloud-native, incluindo Kubernetes, containers, service meshes. - Conduzir testes de segurança em sistemas AI-powered, identificando vulnerabilidades como prompt injection, model manipulation, data poisoning, bypass de guardrails, entre outras. - Desenvolver automações, ferramentas ofensivas e integrações utilizando AI/LLMs para escalar processos e aprimorar a identificação e exploração de vulnerabilidades. - Documentar findings com clareza, demonstrando impacto real ao negócio e propondo planos de ações para correção. - Colaborar com Blue Team e CSIRT em exercícios de Purple Team, contribuindo para melhoria contínua de detecção e resposta. - Manter-se atualizado sobre TTPs emergentes, especialmente aquelas direcionadas ao setor financeiro e de pagamentos na América Latina. Qualifications - Experiência em Red Team operations e Penetration Testing em ambientes corporativos. - Domínio em testes de segurança de aplicações web e APIs, incluindo vulnerabilidades além do OWASP Top 10 (broken authentication, mass assignment, BOLA/IDOR, race conditions, business logic flaws em fluxos financeiros). - Experiência em segurança mobile (Android/iOS): reversing de APKs/IPAs, hooking com Frida, bypass de certificate pinning, análise de armazenamento local, etc. - Conhecimento prático em segurança de ambientes cloud-native: Kubernetes (RBAC, pod escape, service account abuse), Docker (container breakout), AWS/GCP (privilege escalation, misconfiguration exploitation). - Experiência com infraestrutura de Red Team: C2 frameworks (Cobalt Strike, Sliver, custom C2), redirectors, OPSEC, evasão e persistência. - Habilidade em programação e scripting (Python, Go, Bash) para desenvolvimento de tooling ofensivo e automações. - Conhecimento do MITRE ATT&CK Framework e capacidade de mapear operações a TTPs relevantes. - Familiaridade com protocolos e sistemas financeiros é um diferencial forte. - Traduzir findings técnicos em risco de negócio para diferentes audiências. Requirements - Experiência em testes de segurança de sistemas baseados em LLMs/AI (prompt injection, jailbreaking, tool-use abuse, data exfiltration via AI agents). - Uso de AI/LLMs para automação de tarefas ofensivas (triagem de vulnerabilidades, geração de payloads, análise de código, reconhecimento automatizado). - Participação em programas de bug bounty com track record relevante. - Publicação de pesquisas, CVEs, write-ups ou palestras em conferências de segurança. - Certificações relevantes (OSCP, OSEP, OSWE, CRTO, CARTE, CRT, eMAPT). - Experiência prévia em fintechs, bancos ou empresas de pagamentos. Benefits - Buscamos uma pessoa apaixonada por segurança da informação, que esteja sempre em busca de novos aprendizados e que goste de desafios.

• Cloud Security Architecture & Hardening: Lead security hardening across AWS and GCP environments, including identity and access management, network segmentation, logging, monitoring, configuration hygiene, and secure cloud architecture patterns. You will help define standards that scale across teams and cloud platforms. • Cloud Risk Ownership: Own and mature Engine’s approach to identifying, prioritizing, and remediating cloud security risks. You will assess systemic risk, separate high-priority issues from low-value noise, and drive practical remediation in partnership with infrastructure and engineering teams. • Orca Findings Management: Own the end-to-end lifecycle of Orca findings, including monitoring new alerts, triaging severity, identifying root cause, tracking remediation, and driving findings to closure with the appropriate technical owners. • Cloud Alert Response: Serve as a primary responder for cloud-specific security alerts. You will help improve detection quality, reduce response time, and ensure cloud-originated threats are investigated and addressed effectively. • Infrastructure-as-Code Security: Partner with teams using Terraform and related infrastructure-as-code workflows to review, improve, and harden cloud configurations before risk reaches production. • AI Cloud Security: Help secure Engine’s expanding AI-related cloud footprint by identifying risks related to sensitive data, elevated IAM permissions, new service integrations, model/data access patterns, and infrastructure configurations. • Cross-Functional Collaboration: Partner closely with infrastructure, platform, engineering, SecOps, and security leadership to move security work forward. You will adapt your messaging across audiences, build trust with technical teams, and influence decisions without relying on direct authority. • Cloud-Native Threat Detection: Collaborate with SecOps to improve cloud telemetry, cloud-specific detection logic, SIEM signal quality, and response workflows for threats such as credential abuse, lateral movement, misconfigured storage, and data exfiltration. • Security Standards & Advocacy: Build clear, actionable cloud security guidelines, guardrails, and best practices for engineering teams. You will help create the paved paths that allow Engine to move quickly while reducing cloud security risk.

• Operate and continuously improve the security enterprise platforms through effective controls, detections, monitoring, and incident response. • Configure and manage IAM, access controls, and contextual access policies in line with least-privilege principles and secure access standards. • Manage and maintain the company’s MDM/EDR capabilities, ensuring endpoint visibility, policy coverage, timely updates, and organization-wide adoption. • Review new tools, workflows, and third-party integrations, including SaaS, AI tools, MCPs, and plugins—and provide practical security guidance to reduce operational risk while enabling the business. • Drive and improve the company’s security awareness program, helping users operate safely through practical guidance and support. • Monitor emerging attacks, vulnerabilities, and threat actor tradecraft, and turn that knowledge into practical defensive improvements across the company. • Apply adversarial thinking and practical threat modeling to identify realistic attack paths and improve operational resilience across user workflows, enterprise tooling, and internal systems. • Help define and improve security policies, standards, best practices, and configuration baselines for internal systems and business tooling.

Role Description SkyePoint Decisions is seeking a Penetration Testing Team Lead to join our team supporting the Department of Education’s (DoED) Federal Student Aid (FSA) Cybersecurity and Privacy Support Services (CPSS) in Washington, DC. This is a remote position. - Plans, coordinates and leads red team and penetration testing engagements across FSA systems. - Oversees test planning, execution, and reporting. - Maintain tools (patches and upgrades), their environment and inventory used in pen testing/Red Team exercises. - Ensures alignment with NIST SP 800-115, MITRE ATT&CK, and DHS RVA standards. - Mentors junior testers and evaluates new testing tools. Qualifications - 12+ years of experience in offensive security. - At least one of: OSCP, OSCE, GXPN, CEH. - Experience with network, application, AWS cloud, and API testing in complex environments. Requirements - U.S. Citizenship is required for most positions. Benefits - Salary Range: $100,000-$120,000. - Certification incentive program. - PTO and floating federal holiday options. - Several insurance options including HMO and High Deductible plans with Health Savings Accounts [HSAs]. - Flex Spending Accounts [FSAs]. - Full Dental Plans and Vision. - Short-Term/Long-Term Disability and Life Insurance. - 401k matched. - Flexible Work Environment.