Cooperativa Central Ailos

Information Security Analyst II – Penetration Testing

Cooperativa Central Ailos

full-time

Posted on:

Location Type: Hybrid

Location: BlumenauBrazil

Visit company website

Explore more

AI Apply
Apply

Tech Stack

AWSAzureCloudGoogle Cloud PlatformGraphQLPython

About the role

  • Plan, execute and document internal and external penetration tests, including web applications, APIs, mobile apps, networks, servers, cloud environments and third-party components.
  • Perform in-depth vulnerability assessments, including manual exploitation and validation of findings identified by automated scanners.
  • Simulate real-world attacks, including scenario-based intrusion testing (Black Box, White Box and Grey Box).
  • Conduct Red Teaming/Adversary Simulation activities when applicable.
  • Prepare technical and executive reports detailing findings, attack vectors, severity and remediation recommendations.
  • Support technical teams in understanding and remediating vulnerabilities, providing clear, practical mitigation guidance.
  • Perform security reviews of code and architecture focused on identifying exploitation points (when applicable).
  • Contribute to the evolution of offensive security processes and methodologies, aligned with frameworks such as OWASP, MITRE ATT&CK and PTES.
  • Support the SOC and incident response team by providing offensive insights that contribute to more effective detections.
  • Deliver technical workshops and awareness training focused on offensive security and vulnerability prevention.

Requirements

  • Bachelor's degree in Computer Science, Computer Engineering, Information Security or related fields.
  • Hands-on experience in offensive penetration testing, including exploitation of vulnerabilities in applications, networks, APIs and infrastructure.
  • Proficiency with security tools such as:
  • Burp Suite, ZAP, Nmap, Nessus, Nikto
  • Metasploit, SQLMap, Hydra
  • Feroxbuster, Gobuster, Subfinder, Amass
  • Strong knowledge of OWASP Top 10, ASVS, API Security Top 10, MITRE ATT&CK and PTES.
  • Ability to perform manual exploit development and identify issues not detected by automated scanners.
  • Understanding of application architecture, infrastructure, REST/GraphQL APIs, networks and cloud environments.
  • Familiarity with languages or scripting for exploitation and automation (e.g., Python, Bash, PowerShell).
  • Familiarity with IAM concepts, authentication protocols and API security (JWT, OAuth2, OIDC).
  • Strong analytical skills, clear communication and documentation organization.
  • Proactivity, technical curiosity and an offensive mindset.
  • Knowledge of cloud environments: AWS, Azure and GCP.
Benefits
  • Health insurance – available when you need it
  • Dental insurance – because we value smiles
  • Renascer Program – supporting life transitions
  • Meaningful Dates – we celebrate what matters
  • Education investment – we support your learning journey
  • Profit sharing – we build together and celebrate together on Perten-ser Day
  • Individual Development Plan – we value your career ownership
  • Private pension plan – we like to plan for the future
  • Life insurance – an important benefit
  • Time Together – we recognize those who enjoy being with us
  • Meal and/or food allowance – a treat!
  • Commuting allowance – without payroll deductions
  • Childcare/babysitting allowance – because your child deserves a safe, welcoming place.
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
penetration testingvulnerability assessmentmanual exploitationoffensive securityexploit developmentapplication architectureREST APIsGraphQL APIscloud environmentsAPI security
Soft Skills
analytical skillsclear communicationdocumentation organizationproactivitytechnical curiosityoffensive mindset