NBCC Consulting is looking for a Senior Pentester to join our Cyber Security consulting team. This is a great opportunity to work with market leading specialists who provide world class threat intelligence, penetration testing, security monitoring, incident response and vulnerability management services to some of the world’s most prestigious organizations.
As Senior Pentester, your main responsibilities will be the following ones :
Vulnerability management and assessment (attack & penetration testing, red team testing);
Planning and execution of intrusion tests;
Hardening of high management solutions;
Tenable platform management;
Issuancing of technical opinions and improvement proposals for risk mitigation;
Updating general documentation;
Establishing professional and trust relationships with clients and staff, contributing to a flexible, stable, and team-oriented working culture;
Acting as mentor and coach to the junior members of the team and leading by example.
Academic education in Computer Engineering or similar fields of study, mainly in referenced universities;
Between 3 to 6 years of professional experience in Pentesting area;
Relevant experience in Red Team penetration testing, in consulting environment;
OSCP (Offensive security certified professional) and / or CCNA R&S certifications;
Experience in code development and / or review : C#, C / C++, VB.NET, ASP, PHP, Powershell, Python or Java;
Understanding the data flow of an application and network components (SMTP, LDAP, Database servers);
Knowledge about OWASP and CWE / SANS classification systems;
Experience in Access Management, Change Management, Firewall & IPS rule sets and information leakage prevention and QoS;
Experience in Network Configuration with Firewall Devices;
Experience in systems security assessments and security design reviews of perimeter security application;
Knowledge about Linux, Tenable and Kubernetes;
Fluent written and verbal communication skills in both Portuguese and English.
Ideally, the candidate also have :
Other certifications : GPEN, CEH, CompTIA Pentest +;
Knowledge of Audit and Risk standards : ISO27k1, ISO27k5, ITIL.
Integration in a company in strong growth for several years;
Permanent employment contract;
Salary package compatible with the function and experience demonstrated;
Please send your updated CV to , and if you are not contacted within two weeks we will keep your CV in the database for future recruitment processes.
All applications will be treated confidentially under the Data Protection Act. Only applications that meet the requested profile will be considered.
All other will be in database for future requests.