• Desenvolver e executar planos de teste abrangentes, casos de teste e procedimentos de teste para garantir a qualidade da aplicação; • Colaborar com desenvolvedores, analistas de negócios e outros membros da equipe para entender os requisitos, funcionalidades e casos de uso esperados; • Identificar, registrar, documentar e acompanhar bugs e outras questões de qualidade; • Realizar testes funcionais, de regressão, de integração e de performance para validar a aplicação; • Participar de revisões de especificação de requisitos e sessões de planejamento de projeto; • Estabelecer e promover as melhores práticas de processo de QA; • Auxiliar na definição de métricas e KPIs de qualidade e garantir que as metas sejam atingidas.

• Plan and execute penetration tests against internal and external infrastructure, web applications, APIs, and cloud environments (primarily AWS) • Conduct red team engagements simulating advanced persistent threats (APTs) and real-world attack chains • Design, build, and maintain automated pentesting and security scanning pipelines integrated into CI/CD workflows • Leverage AI and machine-learning–based tools (e.g., LLM-assisted vulnerability discovery, automated exploit generation, AI-driven anomaly detection) to scale offensive security operations • Develop custom exploit code, scripts, and tooling tailored to the organisation's technology stack • Assess and harden Kubernetes and AWS environments (IAM, VPC, EKS, Lambda, S3, CloudTrail, GuardDuty, etc.) • Document findings in clear, actionable reports with risk ratings and remediation guidance • Collaborate with SOC, DevOps, and engineering teams to validate fixes and improve detection capabilities • Contribute to purple team exercises bridging offensive findings with defensive improvements • Stay current on emerging attack techniques, CVEs, threat intelligence, and offensive security research • Mentor junior security team members on offensive methodologies and tooling

• Build an automation framework from scratch, starting with API-level coverage of critical end-to-end happy path flows, the ones that must never break in a product shipping multiple times a day. • Mentor QA team members into more technical and structured testing practice. • Work with developers to build shared ownership of quality across engineering: encourage better unit testing, help them understand what good coverage looks like, and shift quality from a QA concern to a team habit. • Run exploratory testing to surface edge cases and failure modes that specs don't anticipate. • Own feature aftercare: monitor releases in production, track stability, and drive continuous improvement from what you find. • Identify gaps that developers and PMs miss and bring them to the table early, contributing to product decisions throughout the cycle, not just at the end. • Track QA metrics that matter, bug detection rate, release confidence, post-release defect counts, and own the narrative around what they mean for the product.

• Prepare and manage regulatory and quality documentation for CE mark submission and Notified Body reviews. • Coordinate with technical, clinical and other teams, provide trainings and guidance, with support from external CE consultants. • Support the development and maintenance of the Quality Management System (QMS). • Support the preparation and upkeep of the Technical File, including collecting information, compiling evidence, drafting documentation, and collaborating closely with engineering, design, and data teams. • Assist with ISO certification activities (e.g., ISO 13485). • Maintain document control, records, logs, and change control to ensure audit readiness and ongoing compliance. • Act as the main point of contact for consultants and the Notified Body, drafting responses and scheduling audits. • Coordinate requirements, risk, usability, and verification evidence with product, design, and engineering teams. • Contribute to post-market surveillance activities after approval. • Track timelines, prepare status updates, and facilitate cross-team collaboration.