Senior Network Security Engineer
WEX
CloudFirewalls
Offensive Security Manager – Red Team
Ambev Tech
full-time
Posted on:
Location Type: Remote
Location: Remote • 🇧🇷 Brazil
Visit company websiteJob Level
Mid-LevelSenior
Tech Stack
AWSAzureCloudGoogle Cloud Platform
About the role
- Plan and execute Red Team campaigns (internal and external) aligned with MITRE ATT&CK and realistic adversary profiles.
- Conduct Purple Team exercises in partnership with SOC/IR, validating telemetry, adjusting detections, and measuring defensive effectiveness.
- Perform formal penetration testing on web applications, APIs, mobile apps, networks, cloud environments (AWS/Azure/GCP), and containers — from scoping to delivering professional reports.
- Manage a team of 3 junior pentesters: distribute activities, review deliverables, support technical development, and provide continuous feedback.
- Validate technical reports produced by the team, ensuring prioritization of risks, technical evidence, and mitigation recommendations for technical and executive areas.
- Maintain pentest artifacts: authenticated test plans, exploration PoCs, verification steps, and retest scripts.
- Ensure that all tests follow rules of engagement, legal limits and ethical standards.
- Support in the definition of standards, Red/Purple/Pentest playbooks and the continuous evolution of the offensive security program.
Requirements
- Team management: experience in leading, motivating and developing junior professionals, ensuring deliveries within deadlines and quality standards.
- Collaborative: ease of working with SOC, IR, engineering, product, legal and compliance.
- Customer/business oriented: translates technical problems into risk impact and priorities.
- Mentor: experience in training junior members, conducting labs and workshops.
- Integrity: strong OPSEC discipline, ethical handling of evidence, compliance with rules of engagement.
- 5+ years in offensive security, with at least 3+ years in Red Team/adversary emulation and formal penetration testing.
- Proven experience in Purple Team: execution of joint exercises, adjustment of detections, collaboration with SOC/IR.
- Strong experience in pentesting web applications/APIs (OWASP Top 10), authentication/authorization failures, mobile, network and infrastructure testing.
- Good communication in English (written and verbal), with the ability to interact with global stakeholders and produce/validate reports in English.
- Previous experience in leading or managing technical teams is highly desirable.
- Applied knowledge in MITRE ATT&CK, emulation methodologies and Purple Team metrics.
Benefits
- Meal or food voucher (iFood);
- Transportation voucher;
- Bonus;
- Health insurance;
- Dental plan;
- Pharmacy discount plan;
- Life insurance;
- Ambev Private Pension Institute;
- School supplies assistance;
- Holiday food basket and frozen meal kit;
- Christmas toys;
- Family-friendly policies (maternity and paternity leave) and baby gift;
- Monthly discount on AMBEV products;
- Flexible hours bank (bank of hours);
- Wellhub (Gympass);
- Shuttle service;
- Annual bonus equivalent to one salary.
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
penetration testingRed TeamPurple TeamMITRE ATT&CKweb application testingAPI testingmobile application testingcloud environmentsAWSAzure
Soft skills
team managementcollaborativecustomer orientedmentoringintegritycommunicationleadershipmotivatingtrainingfeedback
