Impulsione a economia do Brasil, seja um Omielover! #VemPraOmie https://carreirasomie.gupy.io/
Analista de Segurança da Informação Pleno – Pentest
Location
Brazil
Posted
1 day ago
Salary
0
Seniority
Mid Level
Job Description
Analista de Segurança da Informação Pleno – Pentest
Omie
• Foco em testes de intrusão e segurança de aplicações web, com ênfase em integrações estratégicas e validação de segurança em parceiros de negócio do ecossistema Omie. • Pentest de APIs: Testes de segurança em endpoints, análise de fluxos de autenticação (OAuth, JWT) e integrações de terceiros. • Desenvolvimento Seguro: Revisão de código e integração de ferramentas SAST/DAST em esteiras de CI/CD. • Relatórios de Vulnerabilidade: Redação técnica para desenvolvedores e relatórios executivos de risco para stakeholders.
Job Requirements
- Experiência em Tecnologia da Informação.
- Experiência comprovada em Pentest Web e segurança de APIs - 2 anos.
- Domínio de ao menos uma linguagem: Python, NodeJS, PHP, Golang ou outra.
- Experiência com esteiras de desenvolvimento seguro.
- Desejável: Graduação em Ciência da Computação, Engenharia da Computação ou Análise de Sistemas.
- Conhecimento em ferramentas de IA/MCP para automação de testes e documentação técnica.
- Boa comunicação e capacidade de organização.
Benefits
- Benefício Flexível/VR: R$ 45,00/dia útil.
- Auxílio Home office.
- Precisa trabalhar presencialmente? Nós temos vale-transporte. E para você que vem de trem/metrô disponibilizamos um fretado na estação para deslocamento até o escritório.
- Plano de saúde Bradesco.
- Plano odontológico Amil Dental.
- Auxílio Farmácia.
- Auxílio-creche.
- Day off de aniversário, para você comemorar como quiser!
- Para manter a saúde e o bem-estar físico em dia, contamos com Apps parceiros de academias credenciadas.
- Para relaxar e cuidar da saúde mental, temos parcerias com plataformas de terapia e meditação online.
- Parceria com o SESC - Credencial Plena
- Descontos exclusivos nas melhores faculdades e instituições de ensino, voltados para cursos de graduação, pós-graduação e MBA. Além de disponibilizarmos o Omie Academy gratuito para colaboradores.
- Parceria com cursos de English in Company.
- Programa de descontos em seguros.
- Swile Shop: plataforma de descontos exclusivos.
- Parceria com a Dell.
- PPRL.
- Benefícios de Viagens.
- Seguro de vida.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Security Services Specialist
CBTSCBTS partners with businesses to deliver innovative technology solutions, including application services, cloud solutions, consulting, digital workplace solutio
Security Services Specialist Location: Chicago, IL, USA Work Arrangement: Remote/Hybrid About the Role We are looking for a Security Services Specialist with a passion for shaping, positioning, and winning complex cybersecurity engagements to join our Presales Advisory & Strategic Pursuits practice. This is a strategic, client-facing role at the intersection of cybersecurity expertise, consultative selling, and executive engagement — not a traditional delivery position. You will partner closely with Account Executives, Solution Leads, presales teams, and delivery leadership to lead consultative discovery, define security strategy, and architect services-led solutions aligned to business risk and long-term transformation goals. The mission: help organizations evolve from fragmented, tool-centric security approaches to mature, risk-driven security programs. What You Will Do Shape & Win Strategic Opportunities · Partner with Account Executives to identify, qualify, and shape high-value cybersecurity pursuits from the earliest stages of engagement. · Lead consultative discovery sessions to uncover business drivers, pain points, and transformation opportunities. · Define compelling solution visions that connect security investments to measurable business outcomes. · Drive end-to-end pursuit leadership — from initial engagement through close. Lead Executive Engagement · Establish credibility with CIOs, CTOs, CISOs, and business executives as a trusted security advisor. · Facilitate outcome-driven conversations that move beyond technology to business impact and risk reduction. · Craft and deliver executive-level narratives that differentiate our offerings and win competitive pursuits. Architect Services-Led Solutions · Design integrated solutions that combine Professional Services, Managed Security Services, and partner capabilities into a cohesive offering. · Ensure every solution is technically sound, operationally viable, and commercially compelling. · Align architecture, delivery models, and commercial constructs into scalable, repeatable offerings. Orchestrate Cross-Functional Teams · Lead and align solution architects, engineers, subject matter experts, partners, and delivery teams across complex pursuits. · Drive clarity, accountability, and pace — ensuring every pursuit moves forward with purpose and precision. · Elevate team performance through coaching, structure, and the development of reusable best practices. Influence Strategy & Commercial Outcomes · Shape deal strategy, pricing models, and commercial constructs — including recurring, consumption-based, and outcome-based models. · Balance competitiveness, risk, and profitability in solution design to optimize commercial outcomes. · Contribute to portfolio evolution based on market demand, competitive intelligence, and client needs. Required Qualifications · 5–10+ years of experience in cybersecurity, consulting, or technical sales, with demonstrated success shaping and closing complex security services engagements. · Experience within a managed service provider (MSP), global systems integrator (GSI), or enterprise security environment. · Strong background in managed security services and/or security consulting engagements. · Deep experience in consultative, outcome-based, and value-based selling methodologies. · Ability to translate security risk into business impact, investment rationale, and ROI. · Exceptional executive communication and storytelling skills, with the ability to simplify complexity for senior audiences. Broad technical and domain expertise spanning the following areas: · Risk-based security program development and maturity modeling. · Security frameworks including NIST, CIS, and ISO. · Threat detection and response — SIEM, SOAR, SOC, and MTDR. · Vulnerability management, remediation, and compliance. · Identity and access security — MFA, IAM, and Zero Trust. · Cloud security — CSPM, governance, and workload protection. · Application security — web, mobile, and API protection. · Data security — encryption, governance, and protection. · Network and infrastructure security — firewalls, DDoS, segmentation, and SASE. · Managed security services operations — 24×7 monitoring and incident response. · Awareness of AI-driven threats and automation in security operations. Preferred Qualifications · CISSP, CISM, or equivalent industry-recognized security certifications. · Cloud security certifications across one or more providers (AWS, Azure, GCP). · Vendor-specific certifications such as Cisco, Palo Alto, or Microsoft Security. Success Profile The ideal candidate is a confident, commercially driven security professional who thrives at the intersection of strategy and execution. You are equally at home leading a discovery session with a client's security team and presenting a transformation vision to a CISO or senior business leader. You understand that winning in presales requires more than technical depth — it requires empathy, influence, and the ability to make clients feel understood before they feel sold to. · Executive Presence: Confident engaging and influencing senior stakeholders with authority and authenticity. · Strategic Thinking: Shapes complex opportunities into clear, actionable strategies that drive results. · Storytelling Excellence: Simplifies complexity into compelling narratives that resonate with technical and business audiences alike. · Commercial Acumen: Understands how solution design drives business outcomes — and structures deals accordingly. · Operational Discipline: Drives structure, pace, and execution across pursuits without compromising quality. · Collaborative Leadership: Operates seamlessly across sales, presales, delivery, and partner ecosystems. · Growth Mindset: Continuously elevates self, team, and organizational capability. We are an equal opportunity employer. We welcome applicants from all backgrounds and are committed to building a diverse and inclusive team. Salary $110,000 to $160,000 #LI-PF2 #LI-Remote The compensation range in this posting reflects the Company’s good‑faith estimate at the time of publication. The applicable base pay range for any individual will be determined based on the candidate’s designated primary work location as well as factors including role scope and responsibilities, required qualifications, and the individual’s experience, education, skills, knowledge, and performance. Certain positions may also be eligible for additional compensation such as discretionary merit increases, bonuses, or sales‑based variable compensation in accordance with applicable plans and role requirements. Due to U.S. Government requirements applicable to foreign-owned telecommunications providers, non-US citizens may be required to submit to an extensive government agency background check which will necessitate disclosure of sensitive Personally Identifiable Information.
Modern Work & Security Transformation Architect
CPSDelivering your business and technology outcomes through expert consultancy and the deployment of Microsoft technology.
• Design, build and demonstrate Microsoft 365 Modern Work and Security capabilities to prospective clients. • Lead customer workshops, discovery sessions and strategic conversations with stakeholders from technical teams through to executive leadership. • Gather and document business, functional, technical, security, compliance and migration requirements. • Produce current-state assessments, target-state architectures, strategic recommendations, roadmaps, options appraisals and migration strategies. • Create high-quality architecture and solution designs capable of being handed over to multi-disciplinary delivery teams for successful implementation. • Provide technical leadership across large customer programmes, coordinating architecture decisions across productivity, collaboration, security, compliance, identity, endpoint, migration and UC workstreams, and drawing on SMEs for specialist design input where required. • Support technical governance, design assurance, dependency management and risk resolution throughout customer engagements. • Assist in writing compelling proposals, responses to tenders, discovery reports, business cases and statements of work. • Estimate delivery effort and support solution costing activities across complex, multi-phase engagements. • Ensure all customer-facing deliverables meet CPS quality standards. • Promote CPS as a recognised leader in Microsoft Modern Work and Security through blogs, webinars, events, conferences and customer engagements. • Contribute to internal standards, methodologies and reusable assets to improve the consistency and quality of delivery. • Lead the creation, development and evolution of the CPS Modern Work and Security service portfolio. • Define and maintain service propositions covering Microsoft 365 strategy, tenant design, Google Workspace to Microsoft 365 migration, SharePoint, Teams, Exchange Online, OneDrive, Viva, Copilot, Intune, Entra ID, Defender, Purview, UC and adoption programmes, with support from specialist SMEs where appropriate. • Work with the Head of Practice to develop packaged offerings with clearly defined scope, deliverables, commercial models, assumptions, risks and pricing structures. • Work closely with Sales, Marketing and Delivery teams to develop go-to-market strategies and supporting collateral. • Identify emerging Microsoft technologies, market trends and customer requirements, translating them into new service opportunities. • Support pipeline development and business growth through technical sales engagement, opportunity qualification and executive-level solution positioning. • Contribute to strategic partnerships with Microsoft and other technology vendors. • Create repeatable delivery frameworks, migration approaches, architecture patterns and best-practice guidance that improve scalability and profitability across the practice.
• Design and ship scalable security solutions. • Build relationships with engineering to foster cooperative partnerships across key Twilio products and platforms. • Partner with product and engineering teams to integrate scalable security capabilities. • Use metrics and data on the state of security at the product level, to drive accountability and action. • Drive security risk reduction through technical leadership and influence of engineering roadmaps. • Lead security reviews for critical features, new initiatives and infrastructure changes. • Cultivate security expertise across engineering teams through mentorship, technical guidance and training.
• Make Our Products Brilliant: Feed research directly into product and engineering — work close to the roadmap and the codebase to sharpen how we detect, prioritise, and remediate, building capabilities that outclass the competition • Shape How Our AI Understands Risk: Translate deep threat research into the labels, signals, and product feedback that train our models to prioritise vulnerabilities like a seasoned researcher • Lead Our Security Research Function: Set the direction, standards, and methodologies for how Maze researches, validates, and prioritises cloud and application security threats, scaling a small team of researchers as we grow • Find Novel Vulnerabilities That Get Reach: Surface original research and build narratives — blog posts, technical talks, podcasts, video, conference presentations — that earn real reach and give Maze technical credibility with the security community • Build Authoritative Technical Intelligence: Produce detailed research on exploitation techniques, attack vectors, and remediation across cloud infrastructure and application security, enriched with CVE, advisory, and threat-intel sources • Set the Standard for Research Quality: Establish the frameworks and review processes that keep our vulnerability assessment consistent, defensible, and ahead of the threat landscape • Grow the Bench: Mentor and develop researchers, raising the technical bar of the team and creating a research culture others want to join



