Sr. Pen-Tester – Security Analyst
Duration: 8 Months to Start (Likely to extend)
Location: Calgary, AB - Remote
Overview:
Our Enterprise client is looking for Sr. Pentester – Security Analyst to complete network pen-testing. This includes manual pen-testing of network, cloud systems and integrations to support the release of critical features and components, changes as part of PCI in order to certify the secure engineering of the new ecosystems and protect the organization from any potential harm (fine, penalty, impact on image/brand) - as vulnerabilities are introduces through flaws created by changes, new services, deployments and integration.
Responsibilities:
- Pen-testing activities & reports
- Secure Product Design
- Workflow, Processes, Documentation
- Manual code review (when applicable)
- Formalizes and communicates threats, attacks & countermeasures as well as priority for remediation.
Must Haves:
- A minimum of 2 information security certifications is required e.g. GIAC, CISSP, CEH, GWAPT, OSCP, OSCE, OSWE
- Strong experience in Network security, network and infrastructure pen-testing
- Strong experience in malware analysis, pivoting, code review, exploit writing
- Strong understanding of development architecture such as API, web services, etc.
- Strong knowledge of development and scripting languages (at least 2 of the following languages: Java, Node.JS, C#, .Net, Python, Groovy, Bash, Ruby, Powershell)
- Strong understanding of threat modelling practices
- Strong experience in cloud testing