Back to search
CloudWalk, Inc. Linkedin · Posted 6d ago

Offensive Security Engineer

Brazil

Linkedin
Continue to application Add your email once, then Caio opens the original posting.

Indexed description

About The Role

This is not a traditional pentesting role. At CloudWalk, you’ll go beyond running scans or writing reports. You’ll break into systems, exploit real weaknesses, and then engineer automations and agents to make sure those classes of vulnerabilities never come back. Your work will directly shape how CloudWalk defends itself at scale, turning offensive security knowledge into defensive engineering.

You’ll be part of a team that blends red teaming, mobile/web pentesting, and security automation. If you enjoy moving fast, exploiting hard problems, and coding the solutions, this role is for you.

What You'll Do

  • Break things that matter. Pentest applications across our stack, identifying vulnerabilities in APIs, mobile apps (Android/iOS), and infrastructure before attackers do.
  • Run red team operations. Plan and execute realistic attack campaigns: phishing with custom domains, social engineering, lateral movement, privilege escalation. Measure real organizational resilience, not checkbox compliance.
  • Build offensive tooling. Engineer security platforms, scanning pipelines, and automation that multiply the team's impact.
  • Weaponize AI for defense. Design and build LLM-powered agents that detect, classify, triage and fix vulnerabilities in real time.

What We're Looking For

  • Strong knowledge of common vulnerabilities, exploitation techniques, and secure coding practices. You can find bugs in source code, not just with a proxy.
  • Experience with web application and API pentesting. Mobile pentesting (Android/iOS) is a strong plus.
  • You code daily. Proficiency in Typescript, Go, or similar, not just scripts, but tools and services others can rely on.
  • Familiarity with cloud infrastructure security (GCP/AWS/Azure), Kubernetes, and service mesh concepts.
  • Understanding of CI/CD pipelines and how to embed security checks into them.
  • Experience leveraging LLMs or AI agents for security tasks.
  • Excellent communication and collaboration skills to work effectively with engineering teams.

Bonus Points

  • Experience with red team operations: phishing infrastructure, social engineering, C2 frameworks.
  • Familiarity with payment industry security (PCI DSS, card tokenization, acquiring flows).
  • Experience building security platforms or internal tooling (dashboards, bots, vulnerability management systems).
  • Contributions to open source security tools, published security research or CTFs.

Join us at CloudWalk, where we're not just engineering solutions; we're building a smarter, AI-driven future for payments and credittogether.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses and identifying potential inconsistencies or verification signals in application materials based on available information. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Free. 20 seconds. No password. See every match in this search.

Create a free Caio profile to unlock more results and save your role and location preferences.

Unlock free search
Want help applying to roles like this? Search Caio for free. If CV tailoring and application tracking get heavy, Full Caio Agent adds a human specialist.
View Full Agent