Staff Offensive Security Engineer at RD Saúde concentrating on Adversary Emulation and Purple Engineering. Improving adversary simulations and defenses through collaboration and structured plans.
Responsibilities
Act as a Staff Offensive Security Engineer in Adversary Emulation & Purple Engineering, performing adversary emulations and scheduled offensive tests to measure, improve, and continuously sustain the effectiveness of prevention, detection, and response.
Define and maintain the Purple Team / Adversary Emulation strategy and roadmap (objectives, scope, rules of engagement, communication, and governance).
Plan and execute scheduled adversary emulation exercises based on TTPs (MITRE ATT&CK) and threat intelligence, focusing on continuous improvement (detection, response, hardening, and automation).
Develop Adversary Emulation Plans and realistic attack scenarios, prioritized by risk/criticality and aligned with business context.
Conduct ad-hoc offensive tests (e.g., exposure validation, controlled exploitation, identity abuse, lateral movement, and simulated exfiltration) in a safe and authorized manner.
Work side-by-side with the Cyber Defense Center (CDC) to validate detection hypotheses, telemetry gaps, alert quality, and response times; support the evolution of playbooks.
Support the Automation Core in automating collections, simulations, instrumentation, and continuous validation (detection-as-code, pipelines, and repeatable tests).
Produce detection engineering artifacts (e.g., Sigma/KQL/SPL rules, correlations, logging requirements) and actionable recommendations (mitigations and reconfigurations).
Conduct debrief sessions, lessons learned, evidence recording, and retests to validate fixes and the evolution of the defensive posture.
Define metrics and executive/technical reports (e.g., ATT&CK coverage, detection rate, telemetry gaps, control effectiveness) and track action plans.
Technically manage vendors and service providers (scope, quality, evidence, SLAs, validation and acceptance), ensuring adherence to rules of engagement and improvement objectives.
Act as a technical reference, supporting the foundation of the area, internal training, and the definition of standards and best practices.
Requirements
Bachelor's degree completed.
Solid experience in Offensive Security: red team, pentest, war games, adversary emulation and/or purple teaming.
Proven practice in conducting Purple Team exercises with effective collaboration between offensive and defensive teams, turning findings into verifiable improvements.
Mastery of MITRE ATT&CK (tactics/techniques/TTPs) and ability to structure emulation plans and scenarios based on reports and evidence.
Practical knowledge of emulation and post-exploitation tools and techniques in corporate environments (with safety and authorization), plus strong fundamentals in networking, Windows/Linux, and identity.
Experience in detection engineering (rules/queries, correlation, telemetry and logging) and integration with SIEM/EDR/XDR and automation/SOAR.
Ability to operate with governance: rules of engagement, operational risk management of tests, documentation, evidence, and reporting.
Experience managing technical vendors and service delivery (defining scope, validating deliverables and acceptance).
Senior Manager, IAM Control Assurance supporting identity and access management compliance within a global financial organization. Collaborating with cross-functional teams for regulatory and audit compliance.
Senior Security Engineer focusing on application security for Relativity software products. Collaborating with teams to implement security best practices and address security vulnerabilities.
Senior Security Analyst supporting Certification and Assurance at Mastercard. Managing certifications and conducting control testing against various security standards and frameworks.
Senior Information Security Engineer designing and maintaining security solutions for Utica National Insurance Group. Collaborating across teams to defend against cyber threats and ensure compliance.
Program Manager driving strategic alignment and overseeing enterprise-wide transformation programs at St Vincent's Health Australia. Leading cross-functional teams and ensuring programs deliver value within scope and timelines.
Cloud Security Architect shaping security architecture for scalable cloud solutions at GRAYOAK. Collaborating with cross-functional teams to ensure secure software development and architecture.
Cloud Security Specialist ensuring the security of customer services and infrastructure in cloud platforms. Implementing monitoring tools and enhancing security policies for clients’ cloud environments.
Information Systems Security Officer for federal programs, managing security and compliance in IT. Assessing risks and delivering training to enhance cybersecurity practices.
Distinguished Engineer for AI & Product Security at Workday, driving security strategy for AI technologies and cloud-native applications. Leading security architecture and complex reviews across critical products.
Hands-on Security Engineer working across multiple layers for a cloud procurement platform. Ensuring security while developing automated workflows in a global team environment.