Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
ISH Tecnologia

Pentest Analyst

ISH Tecnologia

. Conduct penetration tests (internal and external) in corporate environments, web applications, APIs, networks, operating systems and cloud infrastructure.

Posted 4/27/2026full-timeSão Paulo • 🇧🇷 BrazilMid-LevelSeniorWebsite

Tech Stack

Tools & technologies
AWSAzureCloudDNSGoogle Cloud PlatformLinuxPythonTCP/IP

About the role

Key responsibilities & impact
  • Conduct penetration tests (internal and external) in corporate environments, web applications, APIs, networks, operating systems and cloud infrastructure.
  • Plan, execute and document simulated offensive campaigns (Red Team Operations), focusing on defense evasion, lateral movement, persistence and data exfiltration.
  • Develop and apply adversary simulation techniques, based on frameworks such as MITRE ATT&CK, APT TTPs and other threat intelligence sources.
  • Use and customize offensive tools such as Cobalt Strike, Metasploit, Empire, Sliver, BloodHound, Burp Suite, among others.
  • Identify vulnerabilities, misconfigurations and potential attack vectors that could be exploited by malicious actors.
  • Prepare technical and executive reports with findings, evidence and mitigation recommendations.
  • Work closely with Blue Team, SOC and Vulnerability Management teams, supporting Purple Team exercises and improving the organization’s defenses.
  • Continuously stay updated on new attack techniques, tools, exploits and threat landscape trends.

Requirements

What you’ll need
  • Education: Bachelor’s degree in Information Security, Computer Science, Computer Engineering, Information Systems or related fields.
  • Solid experience in penetration testing and Red Team operations.
  • Proficiency with offensive tools such as Metasploit, Burp Suite Pro, Nmap, Cobalt Strike, Sliver, Empire, BloodHound, Responder, Impacket, etc.
  • Hands-on knowledge of vulnerability exploitation, post-exploitation techniques, privilege escalation and EDR evasion techniques.
  • Knowledge of major operating systems (Windows/Linux), networks and communication protocols (TCP/IP, DNS, SMB, LDAP, etc.).
  • Familiarity with frameworks such as MITRE ATT&CK, OWASP Top 10, PTES, NIST SP 800-115.
  • Preferable experience in cloud environments (AWS, Azure, GCP) with an offensive security focus.
  • Ability to develop scripts and exploits in Python, PowerShell, Bash and other languages.
  • Desirable certifications (not mandatory): OSCP (Offensive Security Certified Professional), CRTO (Certified Red Team Operator), OSEP (Offensive Security Experienced Penetration Tester), CRTP (Certified Red Team Professional), eJPT, eCPTX, eWPTX, CEH (Certified Ethical Hacker), CompTIA PenTest.

Benefits

Comp & perks
  • Health plan with no monthly premium for you (co-payment model);
  • Dental plan with no monthly premium for you;
  • Life insurance;
  • Pipo Saúde: Digital broker for health and corporate benefits;
  • Zenklub: Emotional health and well-being platform, with special discounts;
  • TotalPass: Platform that connects you to multiple networks to help with well-being (and your family’s);
  • Private pension plan;
  • Transport allowance;
  • Food or meal allowance;
  • Birthday day off: How about a day off during your birthday month?
  • Casual ISH – Comfort and professionalism go hand in hand: choose an outfit that reflects your well-being while respecting the workplace;
  • Morning and afternoon breakfast with fruit to boost your in-office routine;
  • Employee referral program with cash bonuses;
  • Onboarding kit: We prepare a great kit to support your day-to-day at work;
  • Deeplearning: Our Corporate University – a space dedicated to continuous development for our employees, with courses, trainings and workshops for professional and personal improvement;
  • Opportunity for professional growth;
  • Culture of feedback and development;
  • Exclusive program for leaders;

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
penetration testingRed Team operationsvulnerability exploitationpost-exploitation techniquesprivilege escalationEDR evasion techniquesscriptingoffensive security
Certifications
OSCPCRTOOSEPCRTPeJPTeCPTXeWPTXCEHCompTIA PenTest