Offensive Security Engineer (Cybersecurity)

Формат работы

remote (только Brazil)

Тип работы

fulltime

Английский

Страна

Brazil

Вакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:

TL;DR

Offensive Security Engineer (Cybersecurity): Identifying and exploiting vulnerabilities across APIs, mobile apps, and infrastructure with an accent on security automation and red team operations. Focus on building offensive tooling and leveraging LLM-powered agents to detect and fix vulnerabilities in real time.

Location: Remote (São Paulo, Brazil)

Company

hirify.global is building a smarter, AI-driven future for payments and credit.

What you will do

Conduct pentests on APIs, mobile apps (Android/iOS), and infrastructure to identify vulnerabilities.
Execute red team operations, including phishing, social engineering, and privilege escalation to measure organizational resilience.
Engineer security platforms, scanning pipelines, and automation to multiply team impact.
Design and build LLM-powered agents that detect, classify, triage, and fix vulnerabilities in real time.

Requirements

Strong knowledge of common vulnerabilities, exploitation techniques, and secure coding practices.
Experience with web application and API pentesting; mobile pentesting is a strong plus.
Daily coding proficiency in TypeScript, Go, or similar languages to build tools and services.
Familiarity with cloud infrastructure security (GCP/AWS/Azure), Kubernetes, and service mesh concepts.
Understanding of CI/CD pipelines and how to embed security checks into them.
Experience leveraging LLMs or AI agents for security tasks.

Nice to have

Experience with red team operations: phishing infrastructure, social engineering, and C2 frameworks.
Familiarity with payment industry security, including PCI DSS and card tokenization.
Experience building internal security platforms, dashboards, or vulnerability management systems.
Contributions to open source security tools, published research, or CTF participation.

Culture & Benefits

Fast-paced environment focused on solving hard problems and exploiting real weaknesses.
Hybrid approach blending red teaming with defensive security engineering.
Direct impact on how the company defends itself at scale.
Opportunity to weaponize AI for defensive security purposes.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →