• Plan and conduct complex penetration tests (red team, adversary simulation, chained attacks), including hybrid environments (on-premises, cloud, and mobile), focusing on realistic, high-impact scenarios; • Structure and evolve attack methodologies, frameworks and playbooks, aligning offensive initiatives with business risks and the organization’s strategic priorities; • Lead Red Team and Purple Team exercises and simulations based on real TTPs (MITRE ATT&CK), assessing the effectiveness of defensive and response controls; • Develop advanced techniques, exploits, tools and automations, and research vulnerabilities (0-day, n-day, business logic) and new exploitation methods; • Support security investigations with an offensive perspective, helping reproduce attacks, validate hypotheses and identify compromise vectors; • Act as a mentor for junior, mid-level and senior staff, raising the team’s technical level and disseminating knowledge; • Work closely with security leadership, architecture and business stakeholders, translating technical risks into organizational impact and supporting strategic decisions; • Evaluate the effectiveness of controls (EDR, WAF, IAM, SIEM, etc.) through advanced offensive techniques; • Produce high-level reports with risk assessment, financial impact and strategic recommendations, as well as detailed technical documentation; • Propose structural improvements to security posture, tools, processes and offensive capabilities.

• Profissional experiente em segurança cloud, com sólido entendimento de processos de DevOps, change management e configuration management • Faz parte de uma equipe responsável pelo desenvolvimento, atualização e testes de políticas de segurança cloud • Criação e manutenção de pipelines para publicação dessas políticas nos ambientes adequados • Atua com controles preventivos e detectivos de segurança para mitigação de riscos cibernéticos em cloud • Traduz políticas de Segurança da Informação em controles técnicos aplicados ao ambiente Azure

• Design, develop, and integrate web application offensive security content into the NodeZero platform • Design, develop, and integrate novel attack capabilities into the NodeZero platform, including offensive security tooling and AI-enhanced techniques. • Research and implement AI-driven methods for vulnerability detection, exploitation, and workflow automation. • Extend and maintain platform architecture, data models, and system design to support new product features. • Monitor production for issues or missed opportunities and create or resolve Jira tickets as needed. • Investigate, own, and resolve bugs in developed content. • Collaborate cross-functionally to address customer and prospect concerns related to attack content. • Author technical blog posts showcasing new research, exploits, or attack methodologies. • Mentor junior engineers and contribute to continuous improvement of team processes and standards

• Architect, establish and maintain best practices of implementation for our products/services. • Configure, implement, and support all production security tools and technologies. • Maintain excellent documentation (SOPs) for all security tooling implementation, support, troubleshooting, etc. • Troubleshoot issues with security toolsets within client environments. • Execute projects related to client onboarding – portal configuration, agent deployment, best practices configuration, systems auditing. • Actively work with other team members on security events that require urgent response, containment and remediation. • Provide ongoing recommendations on toolset tuning and best practices. • Ability to discuss security posture with multiple clients and make recommendations to better their holistic security approach. • Triage incoming support tickets and requests related to security tools managed by CyberSheath. • Take part in daily shift changeover meetings at the beginning and end of shifts. • Provide support for cloud-based SIEM, EDR, and Anti-Spam/Phishing products. • Provide support for additional security tools such as, but not limited to: SOAR, MFA, Encryption, and Vulnerability Management platforms. • Assist with triage of alerts as necessary.