We are looking for passionate enthusiasts of Penetration Testing and Ethical Hacking to join our cybersecurity team at Kryptus. Here, you will have the opportunity to work on real-world challenges and grow within a dynamic and innovative environment. If you seek challenges involving advanced technologies and wish to directly impact the security maturity of our clients, this is the right place for you. At Kryptus, you’ll have the chance to grow while making a difference in a strategic and continuously evolving market. On a day-to-day basis, you will conduct security assessments on infrastructures, complex systems, web and mobile applications, SAP applications, and IoT devices. Your mission will be to help our clients—across diverse industries and sizes—identify vulnerabilities and strengthen their cyber defenses through: Penetration testing across various environments; In-depth vulnerability analysis; Code and system architecture reviews; Recommendations for security improvements and best practices; Adoption of cutting-edge tools and techniques to mitigate risks. **Hybrid Position for Brasília or Campinas – CLT or PJ** ------------------------------------------------------------ **Responsibilities and Duties** * Plan and execute penetration tests on web and mobile (Android/iOS) applications, infrastructure, and networks. * Identify and exploit vulnerabilities in applications, APIs, and corporate environments. * Perform mobile device security analysis and assess application security (Android/iOS). * Map risks and propose recommendations to mitigate vulnerabilities. * Use security tools such as Burp Suite, Nessus, Nmap, Metasploit, MobSF, Drozer, and Frida. * Conduct network traffic analysis and API security testing. * Validate both manual and automated findings and provide detailed insights into identified issues. * Prepare structured technical reports for technical and executive teams. * Support development teams in implementing secure practices. * Stay updated on emerging trends, vulnerabilities, and attack techniques. **Behavioral Skills:** -------------------------------- * Proactivity and ability to independently solve complex problems. * Organization and attention to detail. * Strong communication skills and teamwork orientation. * Commitment to continuous learning and professional development. **Requirements and Qualifications** **MANDATORY:** ----------------- **Education:** **You must meet the following educational requirements:** * A completed undergraduate degree in any field, plus a postgraduate program in Information Technology offered by an institution recognized by the Brazilian Ministry of Education (MEC), with a minimum workload of 360 hours. * Minimum of 3–5 years of experience in cybersecurity. * Demonstrated experience conducting penetration tests on mobile applications (Android and iOS). * Advanced knowledge of Linux operating systems and networking. * Practical experience with tools such as Tenable, OpenVAS, Burp Suite, OWASP ZAP, MobSF, Drozer, and Frida. * Familiarity with penetration testing methodologies such as OWASP MSTG and OWASP Top 10. * Experience with programming languages such as Python, Java, Kotlin, or Swift. * Ability to analyze network traffic and manipulate API requests. * Experience preparing detailed technical reports. * Intermediate English proficiency for reading and understanding technical documentation. **MANDATORY** --------------- **At least one certification from Group A, plus one certification from Group B:** --------------------------------------------------------------------------------------------------------------------------- **Group A** * EC-Council Certified Ethical Hacker (CEH), * CompTIA PenTest+, * eLearnSecurity Junior Penetration Tester (eJPT), * Offensive Security Web Assessor (OSWA), * Sec4US Certified Web API Pentester, * EXIN Ethical Hacking Foundation. **Group B:** * EC-Council Certified Ethical Hacker Master (CEH Master), * EC-Council Certified Penetration Testing Professional (CPENT), * eLearnSecurity Certified Professional Penetration Tester (eCPPT), * eLearnSecurity Web Application Penetration Tester (eWPT), * Offensive Security Certified Professional (OSCP), * GIAC Enterprise Vulnerability Assessor (GEVA), * GIAC Penetration Tester (GPEN). **Desirable:** * Experience automating security tests and developing scripts for penetration testing. * Knowledge of reverse engineering and binary analysis. * Experience with cloud security (AWS, Azure, GCP). * Participation in CTFs and offensive security competitions. **Additional Information** #### **Kryptus Benefits for CLT Employees:** Profit-sharing program (PLR) Health insurance plan Dental insurance plan Attractive benefits package including meal vouchers, food allowances, etc. Transportation allowance TotalPass Personal day off (“Your Day, Your Way”) SESC membership benefits Extended maternity/paternity leave Mental health platform (therapy services). #### **Our Work Environment** * High-caliber technical team * Low bureaucracy and high impact * Freedom with responsibility * Valued diversity, respect, and creativity * Space to grow and contribute to strategic technical decisions #### **Moreover…** * Regular happy hours * No formal dress code unless required * Relaxation areas available * Daily variety of foods and beverages, available freely * Periodic feedback sessions * Collaborative environment that respects diversity, features low bureaucracy, and consistently encourages creativity and professional growth **Kryptus without barriers.** Remote work is here to stay—and physical distance won’t prevent you from joining the Kryptus team! We have collaborators spread across Brazil and Europe thanks to our remote work policy. We also offer partial remote work options. Only teams involved in critical projects or hardware-related tasks require on-site presence. Each case is evaluated individually. ;) **Kryptus is a Brazilian multinational company**. Headquartered in Brazil with a subsidiary in Switzerland, we have grown consistently for 21 years, serving public and private sector clients across Latin America, Europe, the Middle East, and Africa. Since 2003, we have delivered highly customizable, reliable, and secure cryptographic and cybersecurity solutions for critical applications, backed by the highest level of service to fulfill our partners’ missions. **Innovation is in our DNA.** We constantly innovate to stay ahead of threats—evolving our products, enhancing service quality, and delivering tailor-made projects for organizations and nations worldwide. Here, you will work with cutting-edge technology essential for national defense, individual protection, and business and commercial relationship sustainability. **Join a team recognized in Brazil and globally.** We earned the “Strategic Defense Company – EED” designation from Brazil’s National Defense Council and were named a “Cool Vendor 2014 in Brazil” by the Gartner Institute. **Our purpose is to enable causes and missions pursuing the greater good.** If you wish to be part of this mission, apply to our open opportunities!