The company, a national IT consulting firm, is seeking an experienced Penetration Tester to join our team to perform the testing and vulnerability assessments required to help our client, who is undergoing an independent Security Audit, achieve full compliance. The audit ensures their networks, systems, and data protection practices align with evolving cybersecurity standards. Responsibilities :
• Conduct external and internal penetration tests to identify open ports, IP vulnerabilities, and security gaps in both cloud-based (Microsoft 365 / OneDrive / Teams) and limited on-premises environments.
• Perform vulnerability scanning and exploitation testing following recognized frameworks (e.g., OWASP, NIST, ISO 27001).
• Provide documentation and remediation guidance for identified vulnerabilities.
• Support the preparation of evidence and reports for the client’s 3rd-party security audit.
• Collaborate with our internal IT consulting team to validate improvements and risk mitigations.
Qualifications :
• 3+ years’ experience in penetration testing, vulnerability assessments, or red team engagements.
• Strong knowledge of network and system security for Windows Server environments, cloud SaaS (Microsoft 365), and hybrid infrastructures.
• Experience using tools such as Nmap, Metasploit, Burp Suite, Nessus, Qualys, or equivalent.
• Relevant certifications (preferred) : OSCP, CEH, CompTIA Pentest+, GPEN, or similar.
• Ability to produce clear, actionable audit and remediation reports.
If you have this expertise, and are able to work in Canada, please submit your resume. While we thank all candidates in advance for their application, only those candidates who are shortlisted will be contacted.
