Offensive Security Manager

Job not on LinkedIn

November 14

Apply Now

Receive Emails with Similar Jobs

Mollica IT

WebsiteLinkedInAll Job Openings

Recruitment • B2B

Mollica IT is a São Paulo–based recruitment and selection agency specializing in sourcing and placing IT professionals for companies in Brazil and abroad. The firm positions itself as a hands-on recruitment partner, offering fast, accurate hiring solutions across a broad range of technical roles — from C-level and PMO to DevOps, cloud (Azure/AWS), ERP (SAP, Oracle), big data and data science, databases, infrastructure and telecom, cybersecurity, Salesforce, mobile and full‑stack development, QA/testing and commercial/business roles. Mollica IT emphasizes speed, quality, inclusive hiring and partnership-style service for corporate clients.

11 - 50 employees

Founded 2013

🎯 Recruiter

🤝 B2B

📋 Description

• Plan and execute Red Team campaigns (internal and external) aligned with MITRE ATT&CK and realistic adversary profiles; • Conduct Purple Team exercises in collaboration with the SOC/IR, validating telemetry, tuning detections, and measuring defensive effectiveness; • Perform formal penetration tests on web applications, APIs, mobile applications, networks, cloud environments (AWS/Azure/GCP) and containers; • Manage a team of 3 junior pentesters: assign tasks, review deliverables, support technical development and provide continuous feedback; • Validate technical reports produced by the team, ensuring risk prioritization, technical evidence and mitigation recommendations for both technical and executive stakeholders; • Maintain pentest artifacts: authenticated test plans, proof-of-concept (PoC) exploits, verification steps and retest scripts; • Ensure all tests follow rules of engagement, legal boundaries and ethical standards; • Support the definition of standards, Red/Purple/Pentest testing manuals and the continuous evolution of the offensive security program; • Other area routines.

🎯 Requirements

• Team management: experience leading, motivating and developing junior professionals, ensuring deliveries meet deadlines and quality standards. • Collaborative mindset: ability to work effectively with SOC, IR, engineering, product, legal and compliance teams; • Business-oriented: translates technical issues into risk impact and priorities; • Mentor: experience training junior members, conducting labs and workshops; • Integrity: strong discipline in OPSEC (Operational Security), ethical handling of evidence and compliance with rules of engagement; • Solid experience in offensive security, with background in Red Team/adversary emulation and formal penetration testing; • Proven experience with Purple Team activities: conducting joint exercises, tuning detections and collaborating with SOC/IR; • Strong experience in web application/API penetration testing (OWASP Top 10), authentication/authorization flaws, mobile device testing, networks and infrastructure; • Previous leadership or management experience of technical teams is highly desirable. • Applied knowledge of MITRE ATT&CK, emulation methodologies and Purple Team metrics. • Bachelor's degree.

🏖️ Benefits

• Meal allowance or iFood voucher; • Transport allowance or company shuttle; • Health plan and telemedicine; • Dental plan and pharmacy discounts; • Life insurance; • Private pension (Ambev Institute); • School supplies assistance, toys and baby kit; • Holiday hamper and Christmas kit; • Annual bonus + salary allowance; • Monthly discount on Ambev products; • Gympass (Wellhub); • Time bank (flexible hours); • Family-friendly company (extended maternity and paternity leave).