This is a fully remote position, open to applicants in Canada.

• Perform penetration testing on web, network, mobile, and API platforms to uncover vulnerabilities.

• Assist in team evaluations by simulating realistic attack scenarios.

• Create and implement tailored exploits, scripts, and attack sequences.

• Review source code to identify security flaws within applications.

• Evaluate cloud security in AWS, Azure, and GCP, in addition to containerized environments such as Docker and Kubernetes.

• Work alongside blue teams, SOC analysts, and developers to address identified issues.

• Compose comprehensive technical reports and present findings to both technical and non-technical audiences.

• Keep abreast of zero-day vulnerabilities, APT strategies, and new threats.

• Engage in CTFs, security research, and bug bounty initiatives to enhance skills.

• 3-5 years of practical penetration testing experience.

• Expertise in manual testing methods that go beyond automated scans.

• In-depth knowledge of OWASP Top 10, MITRE ATT&CK, and CVSS scoring systems.

• Experience with Active Directory attacks, privilege escalation, and lateral movements.

• Proficient in using some or all of the following: Burp Suite, Nessus, Metasploit, and Kali Linux.

• Familiarity with scripting languages such as Python, PowerShell, Bash, or Ruby.

• Understanding of secure coding practices and DevSecOps methodologies.

• Strong communication and interpersonal abilities.

• Competitive salary, performance-based incentives, and a comprehensive benefits package.

• Ongoing learning budget, sponsorship for certifications, and clear pathways to senior leadership roles.

Penetration Tester

People also viewed