Logo for CloudWalk, Inc.

Offensive Security Engineer

Role overview

Qualifications

  • Strong knowledge of common vulnerabilities, exploitation techniques, and secure coding practices; capable of finding bugs in source code, not just with a proxy
  • Experience with web application and API pentesting; mobile pentesting (Android/iOS) is a strong plus
  • Daily coding practice with proficiency in TypeScript, Go, or similar; building tools and services for others to rely on
  • Familiarity with cloud infrastructure security (GCP/AWS/Azure), Kubernetes, and service mesh concepts

Responsibilities

  • Pentest applications across the stack, identifying vulnerabilities in APIs, mobile apps, and infrastructure before attackers do
  • Plan and execute red team campaigns including phishing, social engineering, lateral movement, and privilege escalation to measure organizational resilience
  • Engineer offensive tooling, security platforms, scanning pipelines, and automation to multiply the team's impact
  • Design and build AI-powered agents that detect, classify, triage, and fix vulnerabilities in real time

About the company

CloudWalk, Inc. logo

CloudWalk, Inc.

Digital Payments & Money Transfer

We are democratizing the payments industry in Brazil, by empowering entrepreneurs through technological, inclusive, and life-changing solutions. Based in Brazil, CloudWalk is a high-end global payment network built on modern technology and proprietary blockchain, focused in bringing a revolution to the payment ecosystem for small and medium-sized businesses. As a unicorn, the company has provided its customers with more than R$ 1 billion in savings by charging fair fees on its transactions and is now present in more than 300.000 businesses across 5.000 brazilian cities. With investors such as the Valor Capital Group, HIVE Ventures and Coatue, the company has already raised US$ 365.5 million in investments and R$3.4 billion in FDICs for anticipation of receivables in its network of financial solutions. In 2022, it was the only brazilian fintech to be featured in the "The Retail Tech 100" ranking by CB Insights, on the "Protection Solutions for Payments and Frauds".

Company details

Company typeSME
IndustryDigital Payments & Money Transfer
Company size201 - 500

Your match analysis

See how your profile stacks up against this role.

We compared the job requirements to your profile to show where you're strong and where you fall short.

Job description

About the Role

This is not a traditional pentesting role. At CloudWalk, you’ll go beyond running scans or writing reports. You’ll break into systems, exploit real weaknesses, and then engineer automations and agents to make sure those classes of vulnerabilities never come back. Your work will directly shape how CloudWalk defends itself at scale, turning offensive security knowledge into defensive engineering.You’ll be part of a team that blends red teaming, mobile/web pentesting, and security automation. If you enjoy moving fast, exploiting hard problems, and coding the solutions, this role is for you.

What You'll Do
  • Break things that matter. Pentest applications across our stack, identifying vulnerabilities in APIs, mobile apps (Android/iOS), and infrastructure before attackers do.
  • Run red team operations. Plan and execute realistic attack campaigns: phishing with custom domains, social engineering, lateral movement, privilege escalation. Measure real organizational resilience, not checkbox compliance.
  • Build offensive tooling. Engineer security platforms, scanning pipelines, and automation that multiply the team's impact.
  • Weaponize AI for defense. Design and build LLM-powered agents that detect, classify, triage and fix vulnerabilities in real time.     

  • What We're Looking For
  • Strong knowledge of common vulnerabilities, exploitation techniques, and secure coding practices. You can find bugs in source code, not just with a proxy.                 
  • Experience with web application and API pentesting. Mobile pentesting (Android/iOS) is a strong plus.
  • You code daily. Proficiency in Typescript, Go, or similar, not just scripts, but tools and services others can rely on.                                                    
  • Familiarity with cloud infrastructure security (GCP/AWS/Azure), Kubernetes, and service mesh concepts.
  • Understanding of CI/CD pipelines and how to embed security checks into them.                                                                                               
  • Experience leveraging LLMs or AI agents for security tasks.
  • Excellent communication and collaboration skills to work effectively with engineering teams.     

  • Bonus Points
  • Experience with red team operations: phishing infrastructure, social engineering, C2 frameworks.                                                                           
  • Familiarity with payment industry security (PCI DSS, card tokenization, acquiring flows).                                                                                  
  • Experience building security platforms or internal tooling (dashboards, bots, vulnerability management systems).                                                           
  • Contributions to open source security tools, published security research or CTFs.       
  • Join us at CloudWalk, where we're not just engineering solutions; we're building a smarter, AI-driven future for payments and credit—together.

    Apply once. Then go straight to the hiring manager.

    After you apply, unlock the direct contact details of the people who actually make the call. A quick follow-up makes you 5x more likely to land an interview.

    MR

    Marcus Rivera

    Chief Revenue Officer

    m.rivera@company.com
    linkedin.com/in/marcusrivera
    Unlocked after you apply
    ·

    Security Engineer Related jobs

    Other jobs at CloudWalk, Inc.

    Premium

    Reach out to the hiring manager directly.

    Gain access to the contact details of the hiring managers who actually decide, and reach out to network with them directly. That, plus more when you upgrade:

    • Full match report with fit score and gaps
    • Career diagnostics on how recruiters read you
    • Curated company matches and warm intros
    • 48h early access to new roles

    Cancel anytime.