October 2016: Vulnerability Assessor / Penetration Tester
We are seeking a motivated, security professional to join our penetration testing team in a junior role. The junior tester will assist the team on network, application, and wireless penetration testing engagements in the identification, exploitation, and reporting of security vulnerabilities.
- Conduct full penetration tests of enterprise networks, web applications, mobile applications, and wireless networks.
- Perform additional security services for customers including social engineering campaigns, physical security tests, source code review, and online reconnaissance.
- Provide vulnerability context and remediation information to customers in detailed technical reports.
- Research evolving exploits, techniques, and tools in support of penetration testing efforts.
- Work as part of a team or independently when necessary.
- Must be able to work permanent / full-time in western Canada. This includes Edmonton, Calgary or Vancouver
- 2+ years experience in information security or related field (systems/network administration, application development, etc).
- Bachelor’s degree in Cybersecurity, Digital Forensics, or related field.
- High familiarity with Windows and UNIX environments at a command line level (bash and/or powershell preferred).
- In-depth knowledge of TCP/IP protocols, networking concepts and enterprise network architectures.
- Experience with penetration testing tools such as nmap, Nessus, Kali, Metasploit, Nikto, Burpsuite, Core Impact, Cobalt Strike, etc.
- Knowledge of common web application attacks such as SQL injection, cross-site scripting, session hijacking, cross-site request forgery, etc.
- The ability to learn, study, adapt to, and develop ever-changing vulnerabilities and testing methodologies.
- Strong written/oral communication and technical writing skills.
- Familiarity with OWASP, NIST Cyber Security Framework, ISO 27000 series of standards, and other risk and vulnerability methodologies (PTES, etc).
- Relevant certifications such as CISSP, CEH, CREST, GPEN, OSCP, etc.
- Advanced degree in an information security field.
- Programming skills in Python, Perl, Ruby, or other relevant languages.
- We provide a competitive compensation package that is based on the seniority and qualification of the potential candidate
- Annual profit sharing program
- Flexible employee directed benefits program including continuing education, certification, health and dental, fitness and technology