Company - Our esteemed client is a global leader in financial services and digital transformation, recognized for delivering innovative banking solutions and maintaining a strong commitment to cybersecurity excellence. This organization invests heavily in emerging technologies and offers professionals the opportunity to work on complex security challenges within a highly regulated environment.
Job Title - Intermediate Pen Tester Leveraging AI Tools
Location - Toronto, ON, Canada (Hybrid preferred in downtown Toronto; remote candidates within Canada will also be considered)
Role Type - Contract (6 months with potential extension)
Must Have Skills:
- Penetration testing methodologies
- AI-powered security and vulnerability analysis tools
- Vulnerability assessment and validation
- Application security knowledge
- Vulnerability lifecycle management
Responsibilities and Job Details:
- Conduct comprehensive penetration tests using established security testing methodologies.
- Leverage AI-powered security tools to enhance vulnerability discovery, assessment, and analysis.
- Analyze and validate vulnerabilities identified through AI-generated findings and traditional testing techniques.
- Document security vulnerabilities with clear, actionable remediation recommendations.
- Assess and prioritize vulnerabilities based on business risk, exploitability, and potential impact.
- Perform application security assessments and identify application-level security weaknesses.
- Support vulnerability lifecycle management from discovery through remediation and validation.
- Collaborate with development and security teams to communicate findings and drive remediation efforts.
- Review and verify the accuracy of AI-assisted vulnerability analysis results.
- Maintain awareness of emerging security threats, penetration testing techniques, and AI-driven security technologies.
- Contribute to the Threat & Vulnerability Management (TVM) program by improving testing processes and methodologies.
- Provide clear reporting and technical guidance to stakeholders regarding security risks and mitigation strategies.
