Mindworks logo
Mindworks

Múltiplas soluções de TI para o seu negócio. Outsourcing, Infraestrutura, Conectividade e Cibersegurança.

Senior Red Team and Offensive Security Analyst

Security AnalystSecurity AnalystFull TimeRemoteSeniorTeam 51-200Since 1999H1B No SponsorCompany SiteLinkedIn

Location

Brazil

Posted

4 days ago

Salary

0

Seniority

Senior

Bachelor DegreePortugueseEnglishCloud

Job Description

Senior Red Team and Offensive Security Analyst

Mindworks

• Perform tests on web applications, APIs, internal and external infrastructure, cloud environments, and Active Directory. • Conduct manual vulnerability validations, controlled exploitation, authorized post-exploitation, and impact analysis. • Review technical findings, evidence, severity assessments, recommendations, and reports produced by the team. • Serve as an operational second opinion for defining processes and work instructions. • Support sensitive technical decisions related to significant findings, false positives, critical risks, and operational validations. • Review and standardize methodologies, playbooks, checklists, templates, and internal procedures. • Support phishing, smishing, and vishing campaigns, including planning, technical validation, result analysis, and recommendations. • Support OSINT activities, password analysis, credential exposure reviews, and monitoring of the Deep and Dark Web. • Contribute to the design of future services, including adversary simulations, tabletop exercises, ransomware simulations, and full Red Team exercises. • Support the definition of technical scope, effort estimates, and consultative discussions with clients.

Job Requirements

  • Bachelor's degree (or higher) in Information Security, Computer Science, Computer Engineering, or related fields.
  • Strong experience in offensive security, penetration testing, Red Teaming, or related areas.
  • Hands-on experience testing web applications, APIs, infrastructure, networks, Active Directory, and cloud environments.
  • Ability to perform manual exploitation and validate vulnerabilities beyond automated tooling.
  • Knowledge of reconnaissance, enumeration, exploitation, lateral movement, and post-exploitation techniques in authorized environments.
  • Familiarity with tools such as Burp Suite, Nmap, Metasploit, BloodHound, Impacket, NetExec/CrackMapExec, OWASP ZAP, nuclei, ffuf, Hashcat, OSINT tools, and cloud security solutions.
  • Knowledge of frameworks and references such as MITRE ATT&CK, OWASP Top 10, OWASP WSTG, and penetration testing methodologies.
  • Strong technical writing skills and the ability to produce clear, concise, and actionable reports.
  • Conversational English.

Related Job Pages

More Security Analyst Jobs

Role Description Reporting to the Group Security Operations Manager, the purpose of the IT Security Analyst is to assist with maintaining and enhancing our IT infrastructure and carrying out information security related tasks. You'll work directly with the Group SecOps Manager to keep our ISMS, ISO 27001 and security posture in good shape, and act as the first point of triage for security incidents in UK working hours before escalation. We are seeking a motivated and detail-oriented IT Security Analyst to join our team. In this role, you will be responsible for: - Performing regular scheduled IT security tasks - Conducting audits, reviews, and validation of security controls in accordance with our established policies and procedures The IT Security Analyst will play a critical role in safeguarding our organisation's information assets and ensuring compliance with applicable regulations. The role provides a great opportunity to build on existing experience and take a career in IT Operations, Security and Support to the next level in the Idox, working in a forward-thinking environment with a team around them that’s passionate about technology and innovation. You will find our full job description located HERE . Company Description

United Kingdom
water IT Security & Defense logo

Security Analyst, 2nd Level

water IT Security & Defense

We make IT Security a Defensive Art - powered by Microsoft

Full TimeRemoteTeam 51-200H1B No Sponsor

• Für unsere vielfältigen Kund:innen analysierst und eskalierst du Security Incidents - inklusive Root-Cause-Analysen, Eskalationsprozessen und aktivem Threat Hunting. • Du hast Lust, nicht nur zu reagieren, sondern aktiv mitzugestalten? In Workshops und regelmäßigen Jour-Fixen bist du die zentrale Ansprechperson für unsere Kund:innen rund ums Incident Handling & Co. • Du sorgst du dafür, dass bei uns alles rundläuft. • Im Wechsel mit dem Team übernimmst du die Rufbereitschaft – auch mal nachts oder am Wochenende. • Zusammen mit unserem Engineering Team sorgst du dafür, dass wir und unsere Kund:innen immer einen Schritt voraus sind.

Germany
water IT Security & Defense logo

Security Analyst, 1st Level

water IT Security & Defense

We make IT Security a Defensive Art - powered by Microsoft

Full TimeRemoteTeam 51-200H1B No Sponsor

• You analyze. You prioritize. You protect. • With your trained eye on our SIEM (Security Information & Event Management), you detect security-relevant events, assess incidents, and ensure nothing falls under the radar. • You prioritize efficiently and keep the big picture even when data volume is high. • Following agreed SLAs, you handle incidents, document your findings, and, when necessary, communicate directly with our clients. • You create clear and well-founded reports that deliver not only facts but real added value. • You present your analyses in a concise, practical way—whether on client calls or internally with the team. • You provide concrete recommendations for closing security gaps and optimizing protective measures. • Because true security doesn’t take breaks, you’ll work with your team in a 3-shift system (early, late and night shifts).

Germany
ContractRemoteTeam 11-50Since 2013H1B No Sponsor

• Secure the future of compliance—lead CMMC readiness with your CCP expertise and make an impact where cybersecurity meets strategy. • Support clients in achieving Cybersecurity Maturity Model Certification (CMMC) readiness. • Play a critical role in delivering gap analysis, developing and implementing remediation plans, and supporting process documentation and incident response strategies. • Deliver CMMC readiness services, including: Gap analysis, Process remediation, Security documentation, Incident response planning and testing. • Collaborate with stakeholders to ensure understanding and adoption of CMMC requirements. • Contribute to the development of policies, procedures, and system security plans (SSPs). • Support ongoing security assessments and readiness tracking.

United States