Senior Penetration Testing Manager

Confidencial (Apenas para Cadastrados)'s Product Security organization is looking for a Penetration Testing Senior Manager to lead our Offensive Security team. You will lead a team of accomplished penetration testers whose mission will be to conduct offensive pen-testing activities against our microservices, applications, infrastructure, data-layer and AI-based services. You will work with our engineering groups to define pen-test scope, schedule, lead assessment engagements, and map assessment findings into engineering plans for remediation, guiding our product security uplift activities. This is a unique opportunity to make impacts on our overall security posture, define the strategic direction and evolution of our assessments team, and help Engineering improve our security designs for our next generation of systems and services. You will report to the VP of Product Security.

In this role you will;

• Lead and develop our geographically distributed offensive security and pen-test team. Mentor junior pen-testers on TTPs
• Organize pen-test preparation and scheduling activities for in-house and out-of-house white-box and grey-box assessment activities.
• Create written assessment reports for both engineering and IT consumers
• Validate, refine, and defend the offensive security team's work product
• Oversee Confidencial (Apenas para Cadastrados)'s responsible disclosure programs (RDP) and bug-bounty programs
• Be a subject matter expert and ambassador to Confidencial (Apenas para Cadastrados) Engineering in secure coding practices, penetration testing, and all other aspects of application, AI, and infrastructure security

• Hold an Offensive Security Certified Professional (OSCP) certification
• 3 or more years of management experience, and 10+ years overall of security assessment experience
• Have a formal knowledge of attack vectors, exploits and mitigations, and be able to verbalize Tactics, Techniques and Procedures (TTPs) related to carrying out security assessments
• Prior experience scoping and performing pen-testing of applications, and microservices-based environments, from limited to full scope across multiple API & UI technology stacks, public cloud and infrastructure.
• Problem-solve and make decisions with incomplete information using your judgment and experience.
• Strong verbal and written English language skills

• You’ll bring experience using AI and AI-related technologies, ready to thrive here.
• You’ll apply AI every day to business challenges - improving efficiency, contributing solutions, and driving results for your team, our company, and our customers.
• You’ll grow with AI by staying curious about new trends and best practices, and by sharing what you learn so others can benefit too.

Total Rewards

In addition to a great compensation package, paid time off, and paid parental leave, many Confidencial (Apenas para Cadastrados) employees are eligible for bonuses.