We are looking for Senior Pentesters: technical specialists who execute hands-on security assessments of web applications, APIs, and supporting infrastructure.

What you will do
- Conduct grey-box penetration testing across all OWASP ASVS categories (authentication, session management, input validation, cryptography, etc.);
- Perform testing in isolated environments;
- Document all findings in real time;
- Develop proof-of-concept exploits and provide step-by-step reproduction steps;
- Conduct retesting of previously identified vulnerabilities after fixes have been implemented;
- Participate in planning and scoping discussions;
- Review asset documentation, technical specifications, and source code (when provided);
- Write clear, structured technical findings in English suitable for both technical and executive audiences;
- Comply with our partner's Rules of Engagement (ROE) and security protocols;
- Report Critical vulnerabilities immediately and High vulnerabilities within 24 hours;
- Collaborate with the Lead Tester on quality assurance and peer review processes.

What you must bring
- Experience: minimum 3 years conducting web application penetration testing;
- Familiarity with OWASP ASVS, OWASP Top 10, and secure coding principles;
- Strong written and verbal English skills for technical reporting;
- Certifications: OSWE, GWAPT, GXPN, CEH, or equivalent are considered assets but not mandatory;
- Proficiency with industry-standard penetration testing tools:
  - Web Application: Burp Suite Pro, OWASP ZAP, SQLMap, Nikto;
  - Network/Infrastructure: Nmap, Metasploit, Wireshark;
  - Custom Tooling: ability to develop scripts (Python, Bash) for specialized testing;
- Experience conducting authenticated testing (using provided credentials);
- Ability to perform code-assisted assessments when source code is available;
- Strong analytical skills to identify root causes and assess business impact;
- Experience testing large-scale, multi-tier, or cloud-hosted environments.

What we offer
- Direct employment contract with the client;
- 100% remote work model.