Múltiplas soluções de TI para o seu negócio. Outsourcing, Infraestrutura, Conectividade e Cibersegurança.
Senior Red Team and Offensive Security Analyst
Location
Brazil
Posted
4 days ago
Salary
0
Seniority
Senior
Job Description
Senior Red Team and Offensive Security Analyst
Mindworks
• Perform tests on web applications, APIs, internal and external infrastructure, cloud environments, and Active Directory. • Conduct manual vulnerability validations, controlled exploitation, authorized post-exploitation, and impact analysis. • Review technical findings, evidence, severity assessments, recommendations, and reports produced by the team. • Serve as an operational second opinion for defining processes and work instructions. • Support sensitive technical decisions related to significant findings, false positives, critical risks, and operational validations. • Review and standardize methodologies, playbooks, checklists, templates, and internal procedures. • Support phishing, smishing, and vishing campaigns, including planning, technical validation, result analysis, and recommendations. • Support OSINT activities, password analysis, credential exposure reviews, and monitoring of the Deep and Dark Web. • Contribute to the design of future services, including adversary simulations, tabletop exercises, ransomware simulations, and full Red Team exercises. • Support the definition of technical scope, effort estimates, and consultative discussions with clients.
Job Requirements
- Bachelor's degree (or higher) in Information Security, Computer Science, Computer Engineering, or related fields.
- Strong experience in offensive security, penetration testing, Red Teaming, or related areas.
- Hands-on experience testing web applications, APIs, infrastructure, networks, Active Directory, and cloud environments.
- Ability to perform manual exploitation and validate vulnerabilities beyond automated tooling.
- Knowledge of reconnaissance, enumeration, exploitation, lateral movement, and post-exploitation techniques in authorized environments.
- Familiarity with tools such as Burp Suite, Nmap, Metasploit, BloodHound, Impacket, NetExec/CrackMapExec, OWASP ZAP, nuclei, ffuf, Hashcat, OSINT tools, and cloud security solutions.
- Knowledge of frameworks and references such as MITRE ATT&CK, OWASP Top 10, OWASP WSTG, and penetration testing methodologies.
- Strong technical writing skills and the ability to produce clear, concise, and actionable reports.
- Conversational English.
Related Guides
Related Categories
Related Job Pages
More Security Analyst Jobs
Role Description Reporting to the Group Security Operations Manager, the purpose of the IT Security Analyst is to assist with maintaining and enhancing our IT infrastructure and carrying out information security related tasks. You'll work directly with the Group SecOps Manager to keep our ISMS, ISO 27001 and security posture in good shape, and act as the first point of triage for security incidents in UK working hours before escalation. We are seeking a motivated and detail-oriented IT Security Analyst to join our team. In this role, you will be responsible for: - Performing regular scheduled IT security tasks - Conducting audits, reviews, and validation of security controls in accordance with our established policies and procedures The IT Security Analyst will play a critical role in safeguarding our organisation's information assets and ensuring compliance with applicable regulations. The role provides a great opportunity to build on existing experience and take a career in IT Operations, Security and Support to the next level in the Idox, working in a forward-thinking environment with a team around them that’s passionate about technology and innovation. You will find our full job description located HERE . Company Description
Security Analyst, 2nd Level
water IT Security & DefenseWe make IT Security a Defensive Art - powered by Microsoft
• Für unsere vielfältigen Kund:innen analysierst und eskalierst du Security Incidents - inklusive Root-Cause-Analysen, Eskalationsprozessen und aktivem Threat Hunting. • Du hast Lust, nicht nur zu reagieren, sondern aktiv mitzugestalten? In Workshops und regelmäßigen Jour-Fixen bist du die zentrale Ansprechperson für unsere Kund:innen rund ums Incident Handling & Co. • Du sorgst du dafür, dass bei uns alles rundläuft. • Im Wechsel mit dem Team übernimmst du die Rufbereitschaft – auch mal nachts oder am Wochenende. • Zusammen mit unserem Engineering Team sorgst du dafür, dass wir und unsere Kund:innen immer einen Schritt voraus sind.
Security Analyst, 1st Level
water IT Security & DefenseWe make IT Security a Defensive Art - powered by Microsoft
• You analyze. You prioritize. You protect. • With your trained eye on our SIEM (Security Information & Event Management), you detect security-relevant events, assess incidents, and ensure nothing falls under the radar. • You prioritize efficiently and keep the big picture even when data volume is high. • Following agreed SLAs, you handle incidents, document your findings, and, when necessary, communicate directly with our clients. • You create clear and well-founded reports that deliver not only facts but real added value. • You present your analyses in a concise, practical way—whether on client calls or internally with the team. • You provide concrete recommendations for closing security gaps and optimizing protective measures. • Because true security doesn’t take breaks, you’ll work with your team in a 3-shift system (early, late and night shifts).
• Secure the future of compliance—lead CMMC readiness with your CCP expertise and make an impact where cybersecurity meets strategy. • Support clients in achieving Cybersecurity Maturity Model Certification (CMMC) readiness. • Play a critical role in delivering gap analysis, developing and implementing remediation plans, and supporting process documentation and incident response strategies. • Deliver CMMC readiness services, including: Gap analysis, Process remediation, Security documentation, Incident response planning and testing. • Collaborate with stakeholders to ensure understanding and adoption of CMMC requirements. • Contribute to the development of policies, procedures, and system security plans (SSPs). • Support ongoing security assessments and readiness tracking.


