Description: Technical Knowledge * Proficiency in pentest methodologies (e.g.: OWASP Testing Guide, PTES). * Experience with security tools (e.g.: Burp Suite, ZAP, Nmap, Metasploit, Nessus). * Mastery of SAST and DAST analysis tools. * Strong understanding of programming languages (Java, Python, JavaScript, C#, Go). * Knowledge of development frameworks and their security challenges. * Experience with version control tools (Git). * Understanding of security in networks, operating systems, databases, and container environments (Docker, Kubernetes). Skills * Analytical ability to prioritize and resolve vulnerabilities. * Good communication skills to translate complex concepts into accessible language for diverse audiences. * Ability to conduct training sessions and share security best practices. Education and Certifications * Bachelor's degree in fields such as Computer Science, Software Engineering, Information Systems, or related areas. * Recognized security certifications (e.g.: OSCP, CEH, GWAPT, GIAC, or similar). * Conduct penetration tests (Pentest) on web, mobile, and API applications, identifying, exploiting, and documenting vulnerabilities according to recognized methodologies. * Perform vulnerability analyses using SAST (static code analysis) and DAST (dynamic analysis) tools, interpreting reports and prioritizing fixes. * Review source code across different languages and frameworks to identify security flaws, proposing improvement recommendations. * Support developers and technology teams in adopting secure-by-design best practices by conducting training and mentoring sessions. * Work on the configuration, optimization, and evolution of security analysis and monitoring tools. * Contribute to promoting a security culture throughout the software development lifecycle. * Support infrastructure and cloud security initiatives by assessing risks in modern architectures (microservices, serverless, containers). Desired Experiences: * Practical experience in pentesting, vulnerability assessment, or code review. * Experience delivering technical training or knowledge transfer to teams. * Prior work in environments with microservices-based or cloud architectures. 25110702023038606