Summary:

Join our team as a Senior Penetration Tester to lead comprehensive security assessments across complex IT and OT environments. Leveraging your 10+ years of experience, you'll execute internal/external network and application-level penetration tests, including SCADA and PLC environments. You'll utilize tools like Kali Linux, Metasploit, and Wireshark to identify vulnerabilities and simulate real-world attacks. This hybrid role (3 days onsite/2 days remote) requires a Government of Canada "Secret – Level II" clearance. Ideal for certified professionals (OSCP, GPEN, or OPST) with deep expertise in network protocols, wireless testing, and PCI-DSS compliance who thrive in high-stakes cybersecurity engagements.

 

 

Key Responsibilities

Perform internal and external network penetration testing to identify vulnerabilities and assess security risks.

Conduct firewall and perimeter security assessments, including bypass testing.

Evaluate network architectures and identify misconfigurations that could lead to security breaches.

Simulate real-world attacks to test network defenses and response capabilities.

Perform wireless security assessments, VLAN segmentation testing, and network protocol analysis.

Develop and present penetration testing reports with detailed findings and recommendations.

Work with security teams to implement security controls and improve network security posture.

 

Required Qualifications

Security Clearance: Government of Canada "Secret – Level II"

.

Experience:

10+ years conducting penetration testing.

Experience leading/executing External Network- level Penetration Testing

Experience leading/executing Internal Network-level Penetration Testing

Experience leading/executing Application-level Penetration testing

Experience leading/executing PCI-DSS compliance penetration tests

Experience developing test plans

Experience leading/executing penetration tests in an Operational Technology (OT) environment

Experience leading penetration tests in Supervisory Control and Data Acquisition (SCADA) environment

Experience conducting penetration tests in a Program Logic Control (PLC) environment

 

Certifications (any of the following or equivalent):

OSSTMM Professional Security Tester (OPST)

GIAC Penetration Tester (GPEN)

Offensive Security Certified Professional (OSCP)

 

Technical Skills:

Experience with Kali Linux, Metasploit, Nmap, Nessus, Wireshark, Burp Suite.

Strong understanding of network protocols (TCP/IP, DNS, VPNs, Firewalls, IDS/IPS, Load Balancers, etc.).

Expertise in wireless penetration testing (WPA2, WPA3, Bluetooth, etc.).

Familiarity with attack techniques such as MITM, ARP spoofing, pivoting, and lateral movement.