Browse
···
Log in / Register
Job Summary: We are seeking a Junior Red Team / Pentest Analyst to join our Offensive Security team, conducting technical assessments, penetration testing, and advanced attack simulations. Key Highlights: 1. Initial experience in offensive security and interest in evolving techniques. 2. Collaboration with Blue Team, SOC, Architecture, and DevSecOps teams. 3. Development of pentest and Red Team playbooks and methodologies. **Mais.Mobi** is an urban mobility company committed to reimagining the transportation and technology sectors to anticipate the future desired by cities and people. The organization manages various products and electronic fare systems, such as Riocard Mais and Cartão Macaé. We deliver tailored solutions for the market, supporting operations in customer service, management, loyalty programs, and payment methods—transforming mobility with security, transparency, and technical support. **Role Objective:** We seek a Junior Red Team / Pentest Analyst to join our Offensive Security team, performing technical security assessments, penetration testing, and advanced attack simulations. The role contributes to identifying vulnerabilities, conducting controlled exploitation, and driving continuous improvements to corporate environment security controls. This position is ideal for candidates with initial hands-on experience and foundational proficiency in core offensive security tools and methodologies, along with a sustained interest in advancing cyberattack and defense techniques. **Responsibilities and Duties** **Responsibilities:** * Conduct penetration tests on web applications, APIs, internal and external networks. * Perform vulnerability assessments, technical risk analysis, and controlled exploitation of flaws. * Support and execute attack simulation activities (Red Team Assessments) using frameworks such as MITRE ATT\&CK. * Prepare technical and executive reports, including evidence, impact analysis, and mitigation recommendations. * Automate processes and develop scripts to support offensive operations. * Monitor threat trends, exploits, emerging attack techniques, and security tool updates. * Collaborate with Blue Team, SOC, Architecture, and DevSecOps teams to validate and remediate vulnerabilities. * Participate in developing internal pentest and Red Team playbooks, methodologies, and standards. **Requirements and Qualifications** **Required:** * Bachelor’s degree in Information Security, Information Systems, Computer Science, Software Engineering, or related fields. * Experience in pentesting, Red Teaming, ethical hacking, or equivalent roles. * Practical knowledge of key tools: Nmap, Burp Suite, Metasploit, SQLmap, Wireshark, OWASP ZAP. * Familiarity with Windows and Linux environments, permissions, services, and common attack vectors. * Familiarity with methodologies: OWASP Top 10, MITRE ATT\&CK, PTES, NIST SP. * Basic understanding of secure development practices and DevSecOps pipelines (CI/CD, Git, integration of automated scanners). * Ability to produce clear, concise, and impact-oriented documentation. * Strong communication skills, analytical thinking, teamwork capability, and commitment to excellence. * CompTIA Security\+ certification. **Desirable:** * Participation in CTFs or practical labs (HTB, TryHackMe, PortSwigger Academy). * Certifications such as eJPT, eCPPT, OSCP, PenTest\+, or ISO/IEC 27001\. * Scripting knowledge (Python, Bash, PowerShell) or offensive automation experience. * Intermediate English proficiency. **Additional Information** **Employment Type:** CLT. **Benefits:** Transportation allowance \+ Meal voucher \+ Food allowance \+ Health and dental insurance \+ Reimbursement for online courses \+ Life insurance \+ Emotional well-being program, etc. **Work Format:** Hybrid. **Location:** Centro \- Rio de Janeiro. **Mais.Mobi** is an urban mobility company committed to reimagining the transportation and technology sectors to anticipate the future desired by cities and people. We deliver tailored solutions for the market, supporting operations in customer service, management, loyalty programs, and payment methods—transforming mobility with security, transparency, and continuous technical support.
