We are a company made of people and for people. With a solid and inclusive foundation, MC focuses on people to make life simpler for customers, employees, and community members. We create value with everyone’s contribution, we innovate at every step, and we lead closely, paying attention to each person’s qualities and needs. We have different stories and different ideas, but we share the desire to grow and become the best version of ourselves. Everything we are, we achieve together. And there is nothing more inspiring than that.
 
MC Digital is the Information Technology area of MC. We are firmly convinced that technology can re-shape the retail business, bringing more convenience and exceeding customer's expectations. And we offer a unique workplace, combining the typical benefits of a large corporation with an informal and energetic startup environment.
 
So, if you want to be part of this team and take on new challenges, we are looking for you!
 
We are looking for a Red Team Coordinator to join our Security Operations Center team, and we believe we will be #betterwithyou!
 
We count on you to…

• Work in a dynamic and supportive environment, where you will be valued and recognized for your contributions;
• Be part of a transformational project that aims to make MC a benchmark in the area of IT security in the Retail business, increasing the maturity and scope of the IT security services we provide;
• Challenge yourself and increase your skills and knowledge in the field of IT security, facing diverse and complex scenarios and learning from the best in the sector;
• Make a difference and have a positive impact on MC's IT security posture and resilience by helping to identify and mitigate cyber risks and threats;
• As a Red Team Coordinator join our operational security team and oversee the planning, execution and reporting of simulated cyber-attacks against our IT infrastructure, systems and applications;
• Define the objectives, scope and methodology of the RED team's engagements, in line with the company's needs and appetite for risk;
• Lead and guide a team of qualified and motivated ethical hackers, ensuring their professional development and performance;
• Lead and supervise the activities of the RED team, using a variety of tools and techniques to identify and exploit vulnerabilities and weaknesses in our IT environment;
• Communicate and collaborate with relevant stakeholders, such as the BLUE team, IT security management, IT operations, etc;
• Prepare and present clear and actionable reports and recommendations based on the RED team's findings, highlighting risks and remediation strategies;
• Keeping abreast of the latest trends, threats and best practices in the field of IT security and applying them to the RED team's operations;
• Managing the relationship with external service providers, ensuring the quality and compliance of their results and monitoring indicators and SLAs.

 
So, bring with you…

• Bachelor's/Master's degree in Computer Engineering or similar - essential for leading a technical team and understanding the challenges that arise in cybersecurity;
• Experience managing and mentoring a team (preferably Red Team members), ensuring that they have the necessary skills, tools and resources to perform their duties - allows you to ensure that the team has the right skills and tools to perform effective tests and responds quickly to the needs and challenges that arise;
• Experience in monitoring and evaluating the Red Team's performance and progress, ensuring that they meet ethical standards and best practices - Performance monitoring is crucial to ensure that the team is aligned with ethical standards and cybersecurity best practices;
• Solid background in cybersecurity, with at least five years of experience in Red Team, penetration testing or offensive security - This knowledge is essential for leading the team and planning simulated attack operations that help identify and resolve vulnerabilities;
• Knowledge of various tools, techniques and structures used by attackers, such as Metasploit, Nmap, Burp Suite, Cobalt Strike, etc. - allows you to assess the effectiveness of the team's operations and ensure that they are using the best practices and technologies available to simulate realistic attacks;
• In-depth knowledge of network and system architectures, security protocols and controls, as well as common vulnerabilities and exploits - Robust understanding of network architectures and security protocols is required to identify and exploit vulnerabilities;
• Proven ability to plan, execute and report on complex and realistic red team scenarios in accordance with industry standards and best practices such as PTES, MITRE ATT&CK, etc. - crucial for communicating risks and vulnerabilities to stakeholders, facilitating informed decision-making to improve security;
• Good communication and collaboration skills, with the ability to present conclusions and recommendations to technical and non-technical audiences, as well as to coordinate and cooperate with the Blue Team and Purple Team - Effective communication is key in cybersecurity, as it enables the translation of technical information to diverse audiences;
• Certification in a relevant field, such as OSCP, OSCE, GPEN, GWAPT, etc., is highly desirable, but not mandatory - these certifications allow you to be recognized in cybersecurity. Although not mandatory, these certifications demonstrate your commitment to continuous learning and technical proficiency;
• Familiarity with the dynamics and methodologies associated with Blue Team and Purple Team activity, such as incident response, threat hunting, threat intelligence, etc., is an advantage - Understanding incident response and threat hunting methodologies enables you to better integrate defense and attack teams.

 
What you will find…

• Collaborative work environment;
• A dynamic team;
• Career progression and internal mobility opportunities;
• A cohesive and leading company in the retail sector.

 
What we have for you…

• Meal Allowance in cash or in Dá Card (whichever is more advantageous for you);
• Telecommunications Plan with voice, data, and equipment for permanent employees;
• Flex it Up Program - Extra Off Days, Unpaid Leave, Flexible Work Model (when applicable);
• Health and Life Insurance (for permanent employees) with the possibility of extending Health Insurance to family members with advantageous conditions;
• Flexible Benefits Program (when applicable);
• Onboarding and Initial Training Plan, Continuous Training platform, and Financial Literacy Program;
• School Awards and Merit Scholarships for employees’ children (regular and inclusive education), as well as Holiday Programs during school breaks;
• Flu Vaccine including its administration (voluntary participation);
• We Are Sonae Program, providing psychosocial, financial and legal support to employees;
• Ergocoaching Sessions;
• Mental Health Promotion Programs and Nutrition Consultations;
• Discount and Partnership Program with over 300 leading brands;
• Free coffee and fruit available at the workplace;
• Competitive Salary.

 
#BETTERTOGETHER #BETTERWITHYOU

MC Sonae D&I Commitment:
We work to create a work environment based on the richness of profiles and focused on uniqueness, ensuring that everyone feels respected, valued for their skills, and confident in the organization.