We need an English-fluent Penetration tester, based in Latin America, available to work remotely.

We are looking for someone with exceptional communication and relationship-building skills, who embraces changes while maintaining strong attention to detail. An interested and proactive person, who's constantly learning and improving their skills.

Are you the one we are looking for?

Responsibilities:

• Conduct penetration tests: Plan and execute formal penetration tests against web applications, APIs, internal and external networks, cloud environments, and systems.
• Perform vulnerability assessments: Run, tune, and interpret automated scanners and use manual techniques to validate findings and identify gaps such as open ports, misconfigurations, weak credentials, and insecure platforms.
• Document and report findings: Produce clear, actionable technical reports and executive summaries that include evidence, risk ratings, remediation guidance, and verification steps.
• Simulate real-world attacks: Use threat modelling and adversary tactics, techniques, and procedures (TTPs) to emulate realistic attack scenarios and assess detection and response capabilities.

Requirements:

• 3+ years in penetration testing, red team, vulnerability research, or an equivalent cybersecurity role
• Understanding of blue team methodologies (threat detection, SOC operations, or incident response) and how they integrate with offensive testing
• Proven experience performing penetration tests and vulnerability assessments across applications, networks, and cloud platforms.
• Deep familiarity with manual exploitation techniques and automated security tools (e.g., Burp Suite, Nmap, Metasploit, Nessus/OpenVAS, OWASP ZAP, Wireshark).
• Programming/scripting skills in one or more languages (Python, Bash, PowerShell, JavaScript, or similar) for automation and exploit development.
• Familiarity with cloud security (AWS, Azure, GCP) and common misconfigurations in cloud services.