Job Title: Senior Penetration Testing Analyst
Location: Regina, Saskatchewan, Canada – 100% Onsite (Mandatory)
Employment Type: Contract
Engagement Details:
Contract Term: Initial 2 Years + Optional 1-Year Extension
Start Date: February (Last Week – TBD)
Important: This role is strictly onsite in Regina, SK. No remote or hybrid option.
About the Role
We are seeking a Senior Penetration Testing Analyst to support a large-scale government cybersecurity program. This is a hands-on, senior technical role requiring deep expertise in penetration testing, vulnerability exploitation, cloud security, and security reporting within regulated public-sector environments.
The successful candidate will lead complex testing engagements, provide expert-level analysis, mentor internal teams, and deliver high-quality security assessments aligned with recognized industry standards.
Key Responsibilities
Penetration Testing & Security Assessment
- Lead enterprise penetration testing initiatives across networks, applications, APIs, and cloud platforms
- Conduct black-box, white-box, and grey-box testing engagements
- Identify, exploit, and validate vulnerabilities using both manual and automated techniques
- Perform SAST and DAST application security testing
- Execute cloud security testing across Azure and AWS environments
- Analyze attack paths including privilege escalation and lateral movement
Reporting & Risk Management
- Produce executive-level and technical penetration testing reports
- Clearly document risk severity, business impact, and remediation guidance
- Map findings to OWASP Top 10, ISO 27002, and other security frameworks
- Support Threat Risk Assessments (TRAs) and remediation verification
Leadership & Knowledge Transfer
- Mentor internal security teams through walkthroughs and knowledge transfer
- Develop supporting documentation and best-practice guidance
Mandatory Skills & Experience
Penetration Testing
- 8+ years of hands-on enterprise penetration testing experience
Application Security
- 6+ years working with OWASP Top 10 / ASVS
- Proven experience identifying authentication, injection, and access control vulnerabilities
Security Tooling
- 6+ years hands-on experience with tools including:
- Burp Suite Pro
- Metasploit
- Nmap, Nessus / OpenVAS
- OWASP ZAP, SQLmap, Nikto, Nuclei
Vulnerability Exploitation
- 6+ years validating real-world vulnerabilities
- Strong post-exploitation and privilege escalation experience
Cloud Security
- 4+ years testing cloud-based architectures
- Hands-on experience with Azure and/or AWS security testing
Network & OS Security
- 7+ years working with enterprise networks and Windows/Linux systems
Security Reporting
- 6+ years producing detailed reports for both technical and executive audiences
Preferred Compliance & Governance Experience
- 4+ years supporting public-sector or regulated environments
- Strong knowledge of ISO 27001 / ISO 27002 security controls
- Experience working in privacy-sensitive environments
Certifications (Strong Assets)
- CEH (Certified Ethical Hacker)
- OSCP (Highly Desirable)
- CISSP or equivalent senior cybersecurity certification
Deliverables
- Comprehensive penetration testing assessment reports
- Risk-ranked findings aligned to industry standards
- Clear remediation and mitigation recommendations
- Knowledge transfer documentation and walkthroughs
Mandatory Requirements (Non-Negotiable)
- 8+ years of hands-on penetration testing experience
- Ability to work 100% onsite in Regina, SK from day one
- Legal authorization to work in Canada
- Willingness to undergo background and security screening
- Disclosure of any planned vacation during the contract period
Why Join Us
- Long-term engagement with a provincial government cybersecurity program
- Senior-level, hands-on technical ownership
- Opportunity to influence enterprise and cloud security posture
- Competitive all-inclusive contract rate
About NetworkPedia
NetworkPedia is a certified women-owned technology and talent solutions company, providing IT infrastructure, cybersecurity, managed services, and specialized recruitment across North Americas and beyond. Our mission is to empower organizations with secure, scalable, and innovative technology while building inclusive teams that reflect the communities we serve.
As a trusted partner, we deliver expertise across networking, cloud, IT service management, and security operations, along with staffing solutions for niche technology roles. We are committed to diversity, equity, and inclusion (DEI) in all our hiring practices and ensure that our opportunities are open to all qualified applicants, without discrimination on the basis of age, gender, race, ethnicity, religion, sexual orientation, or disability.
How to Apply
Apply directly via LinkedIn Easy Apply.
All applications are routed to recruitment@networkpedia.com
