Senior Penetration Tester

ISA is seeking an experienced Senior Penetration Tester with application security experience. The successful candidate will contribute to a fast-expanding practice that evaluates the security posture of organizations through advanced testing techniques. If you are passionate about offensive security and ethical penetration testing and are looking for a challenging and rewarding career, this is the right opportunity for you. Our people are our most valuable asset and we encourage career growth and development opportunities for every individual on our team.

You will be joining an exciting and rapidly growing company. This is an outstanding position offering an attractive salary, defined career path, and excellent employee benefits. This is a permanent, full time position to start immediately. Pay will be base salary.

About Us: ISA is a cybersecurity-focused technology firm, with almost three decades of experience helping organizations of all sizes solve complex challenges relating to IT security.  We act as trusted advisors in providing services to help our clients define, implement and manage their strategies to minimize IT security related risk, and to provide a secure business environment for their employees and customers. We also deliver state-of-the-art cybersecurity solutions thanks to strong partnerships with the industry’s leading Technology Vendors.

Why Join Us? At ISA, every employee makes a P.A.C.T. to Embody Our Corporate Core Values, everyday.  Our core values (Passion for Excellence, Accountability, Commitment, Trust) shape the community and culture we have built and are an active part of everything that we do. We also believe that what will make you great is your individual contributions to your team; think of your team as a start-up that learn from each other. If you’re looking for autonomy and no old-fashioned hierarchy, ISA and you could be a match made in heaven

Principal Duties

As a Senior Consultant, you will perform various activities with respect to Penetration Testing and application security, including, but not limited to:

 

    • Experience conducting Vulnerability Assessments and Penetration Testing
    • Performing web and mobile application security assessments
    • Cloud Technologies (e.g. Azure, AWS, Google, IBM, etc.)
    • Expert knowledge of ethical hacking principles and techniques
    • Ability to articulate, document and communicate risk effectively
    • Experience conducting Security Assessment exercises including SANS Top 20 Audits
    • Experience with architecture and design of security solutions within large, complex enterprise environments
    • Researching and learning about information security trends, new testing techniques, and best practices, and knowledge sharing with the team
    • Providing clear and concise communication (written and oral) to clients that consists of findings, recommendations, road maps, and actionable plans
    • Familiarity with network and endpoint security point products configuration best practices
    • Open-source threat intelligence research, analysis and application
    • Cloud Security Gap Assessments
    • Application Threat Modeling
    • Running DAST, SAST and SCA and performing analysis
    • Helping clients to build security automation testing into CI/CD pipelines and develop DevSecOps practices
    • Offensive security exercises related to Application and Cloud Security
    • In-depth expertise in Network and endpoint, security solutions would be considered an asset

Skills, Experiences and Qualifications:

    • Malware Reverse Engineering
    • Source code reviews
    • Best Practices of Payload Development, Assembly  and Distribution
    • Cloud Services Security Testing
    • ISO 27000 series such as 27001, 27002, 27032, 27035
    • NIST SP 800 series
    • PCI DSS
    • OWASP Top Ten
    • SANS Institute – CIS Critical Security Controls
    • Vulnerability management
    • Bilingual in French and English is considered an asset

 

The ideal candidate with have the following certifications and/or education:

 

  • Certified Ethical Hacker (CEH)
  • Certified Information Systems Security Professional (CISSP)
  • Offensive Certified Security Professional (OSCP)

 

Apply

To apply for this position, please complete the form below.

© 2019 ISA Cybersecurity Inc. All Rights Reserved.

Cookie Notice
We use cookies to offer you a better browsing experience, analyze site traffic, personalize content, and serve targeted advertisements. If you continue to use this site, you consent to our use of cookies.

Technology Partners

Thanks for reaching out, we’d love to hear from you. Fill out the form below and we’ll get back.

Become an Infinity Partner

Thanks for reaching out, we’d love to hear from you. Fill out the form below and we’ll get back.