Offensive Security Manager

Job not on LinkedIn

November 15

Apply Now

Receive Emails with Similar Jobs

Sioux digital 1:1

WebsiteLinkedInAll Job Openings

B2B • Media • Enterprise

Sioux digital 1:1 is a consultative digital agency that develops integrated marketing, design, and technology solutions to build and optimize clients' digital presence and drive measurable business results. The agency creates campaigns, websites, and platforms for corporate clients (examples include Adobe, AIG, Santander and real estate brands), combining strategy, creative execution and technical implementation across markets in Brazil and Portugal.

51 - 200 employees

🤝 B2B

📱 Media

🏢 Enterprise

📋 Description

• You will be responsible for planning and executing adversary emulation campaigns, conducting structured Purple Team exercises to validate detections, and leading penetration tests of applications, networks, and cloud environments — producing high-quality reports with clear recommendations • Manage and develop a team of 4 junior pentesters, supporting their technical growth, mentoring them on projects, and ensuring consistent, high-quality deliveries • Plan and execute Red Team campaigns (internal and external) aligned with MITRE ATT&CK and realistic adversary profiles • Conduct Purple Team exercises in partnership with the SOC/IR team, validating telemetry, tuning detections, and measuring defensive effectiveness • Perform formal penetration tests on web applications, APIs, mobile applications, networks, cloud environments (AWS/Azure/GCP), and containers — from scoping through to professional report delivery • Manage a team of 3 junior pentesters: distribute tasks, review deliverables, support technical development, and provide continuous feedback • Validate technical reports produced by the team, ensuring risk prioritization, technical evidence, and mitigation recommendations for both technical and executive audiences • Maintain pentest artifacts: authenticated test plans, exploitation PoCs, verification steps, and retest scripts • Ensure all tests comply with rules of engagement, legal boundaries, and ethical standards • Support the definition of standards, Red/Purple/Pentest testing manuals, and the continuous evolution of the offensive security program • Team management: experience leading, motivating, and developing junior professionals, ensuring deliveries meet deadlines and quality standards • Collaboration: comfortable working with SOC, IR, engineering, product, legal, and compliance teams • Business/customer orientation: translate technical issues into risk impact and priorities • Mentorship: experience training junior members, running labs, and leading workshops • Integrity: strong OPSEC discipline, ethical handling of evidence, and compliance with rules of engagement

🎯 Requirements

• Over 5 years in offensive security, with at least 3 years in Red Team/adversary emulation and formal penetration testing • Proven experience in Purple Team: conducting joint exercises, tuning detections, and collaborating with SOC/IR • Strong experience in web application/API penetration testing (OWASP Top 10), authentication/authorization flaws, mobile application testing, networks, and infrastructure • Proficiency in English (written and spoken), with the ability to interact with global stakeholders and produce/validate reports in English • Prior experience in leading or managing technical teams is highly desirable • Applied knowledge of MITRE ATT&CK, emulation methodologies, and Purple Team metrics • Nice to have: experience with modern environments such as Active Directory, Linux, cloud (AWS/Azure/GCP), and containerization • Excellent written and verbal communication skills; ability to create technical reports and executive presentations • Ability to lead projects autonomously, mentor other team members, and manage multiple deliverables

🏖️ Benefits

• Meal voucher or iFood meal allowance • Transportation voucher • Bonus • Health plan • Dental plan • Pharmacy partnership/discount • Life insurance • Ambev Private Pension Plan • School supplies allowance • Christmas hamper and frozen food kit • Christmas toys • Family-friendly policies (extended maternity and paternity leave) and baby welcome gift • Monthly discount on AMBEV products • Hours bank (flexible hours) • Wellhub (Gympass) • Company shuttle • Annual allowance equivalent to one month’s salary