Agility

Junior Security Analyst, Pentest, Red Team

Agility

full-time

Posted on:

Location Type: Remote

Location: Remote • 🇧🇷 Brazil

Visit company website
AI Apply
Apply

Job Level

Junior

Tech Stack

AndroidiOSLinuxPerlPythonShell ScriptingSQLTCP/IP

About the role

  • Perform penetration testing on Web applications, APIs, databases, infrastructure, and mobile applications (Android and iOS) (Ethical Hacking);
  • Perform manual and automated vulnerability testing on web applications and other services;
  • Develop mitigation actions for identified vulnerabilities;
  • Prepare technical and executive presentations of identified vulnerabilities, describing mitigation solutions and prioritizing risks based on CVSS calculations and the OWASP Top 10;
  • Share knowledge and provide training to internal teams and colleagues;
  • Operate tools such as Burp Suite and vulnerability scanners;
  • Contribute to the continuous improvement of our services;

Requirements

  • Minimum of 1 year of experience in penetration testing;
  • Knowledge of web application pentesting;
  • Knowledge of infrastructure pentesting;
  • Understanding of TCP/IP networks and web protocols;
  • Familiarity with Linux and Windows operating systems;
  • Knowledge of manual and automated techniques for penetration testing, as well as performing vulnerability assessments (injection, privilege escalation, fuzzing, buffer overflows, etc.);
  • Proven professional experience testing web applications for vulnerabilities as defined by OWASP, including input validation flaws, improper access controls, session management vulnerabilities, cross-site scripting, SQL injection, and web server configuration issues;
  • Familiarity with tools — proxies, port scanners, vulnerability scanners, exploit frameworks (e.g., Burp, Nessus, Nmap, Metasploit);
  • Verbal and written communication skills to prepare documentation and presentations for technical and non-technical audiences.
  • Minimum of 2 years of experience in Information Security, Cybersecurity Analyst roles, or similar;
  • Knowledge of mobile application pentesting (Android and iOS);
  • Knowledge of API pentesting;
  • Automation of vulnerability analysis;
  • Knowledge of Python, Perl, or shell scripting;
  • Experience performing penetration testing on wireless networks, social engineering, databases, network devices, servers, and other information systems;
  • Assist the Blue Team in identifying, collecting, analyzing, preserving, and handling Information Security incidents;
  • General knowledge of MITRE ATT&CK, OWASP, and NIST;
  • Creation of scripts and exploits
  • EC-Council CEH – Certified Ethical Hacker
  • CompTIA Security+
  • CompTIA PenTest+
  • English — reading
Benefits
  • Position also open to candidates with disabilities (PwD)

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
penetration testingvulnerability testingmitigation actionsTCP/IP networksweb protocolsmanual techniquesautomated techniquesvulnerability assessmentsscriptingmobile application pentesting
Soft skills
verbal communicationwritten communicationknowledge sharingtraining
Certifications
EC-Council CEHCompTIA Security+CompTIA PenTest+