Role: Penetration Tester with "Offensive" security testing
Location: Toronto / London, ON
Job Type: Contract or Fulltime
Client is very particular about Offensive security need”
Skill set
- Certified penetration tester with minimum of 2-3 years of hands on work experience directly related to penetration testing, bug bounty hunting, exploit research and development or application & Offensive security testing
- Excellent verbal and written communication skills (English). Ability to write clear and concise assessment reports that include findings, relevance, recommendations, etc.
- Relevant certifications, such as: OSCP, OSCE, GPEN, GWAPT, eWPT, eWPTX , eMAPT, etc. are considered an asset.
- Ability to read and write programming languages. Java, C#, JavaScript, Apex, and Python are highly valued, but others will help too.
- Ability to penetration test Cloud Native Applications running on a major cloud provider infrastructure such as: Microsoft Azure, Amazon AWS or Google Cloud Platform.
Responsibilities
- Perform code reviews and penetration tests to discover and exploit vulnerabilities in Canada Life products (web/mobile/thick/API/cloud).
- Participate in intake, scoping, and planning sessions.
- Produce high-quality reports for both internal and external stakeholders.
- Help review and prioritize vulnerabilities coming from different sources, such as: third party penetration tests, internal security tools, public advisories, etc.
- Develop custom scripts or tools used for vulnerability scanning and identification.
- Stay up to date on current tools, technologies and vulnerabilities to incorporate into testing practices.
- Contribute technical documentation towards the team’s knowledge base.
- Directly communicate with cross-functional teams in Product, Development, DevOps, and Architecture.
- Responsible for driving Offensive Security initiatives
