Security Specialist - Penetration testing

Join to apply for the Security Specialist - Penetration testing role at Intact

1 day ago Be among the first 25 applicants

Join to apply for the Security Specialist - Penetration testing role at Intact

Get AI-powered advice on this job and more exclusive features.

Our employees are at the heart of everything we do. Together, we help people, businesses, and society prosper in good times and be resilient in bad times.

Our employee promise represents Intact’s commitment to you in exchange for living our Values, striving to do your best work, being open to change and investing in your career. In return, we promise to provide support, opportunities and performance-led financial rewards at a workplace where you can shape the future, win as a team and grow with us.

About

The Role

What you'll do here:

• Conduct automated and manual penetration tests on a variety of target types (web and mobile applications, APIs, infrastructure, etc.) in complex environments.
• Coordinate and ensure the quality of penetration tests performed by external firms.
• Identify, document, and present vulnerabilities and cybersecurity issues.
• Develop suggestions for patches and mitigation controls aligned with best practices and actionable.
• Collaborate with development and infrastructure management teams to address security vulnerabilities.

• Passionate about cybersecurity and adhere to the concepts of "ethical hacking."
• Autonomous, responsible, and able to lead multiple projects simultaneously while effectively managing priorities.
• Able to analyze complex problems and explain them in simple terms.
• Accustomed to working in a team, collaborating by sharing your ideas and experience, and taking initiatives to develop the skills of your team members.
• At least 10 years in a role related to offensive security and penetration testing, including at least 5 years as a technical leader.
• A certification in penetration testing professional (e.g., OSCP).

• In penetration testing on web and mobile applications, APIs, systems and networks, in black, gray, and white box modes, in on-premises, cloud (AWS, Azure, GCP, etc.), and hybrid infrastructures.
• Using attack simulation tools to evaluate the effectiveness of existing controls.
• Creating environments from which to conduct penetration testing while minimizing risks in a regulated organization.
• Developing tools to test vulnerabilities described in articles and online resources, and developing exploits.
• In creating work methods based on penetration testing standards (OWASP, CWE, CVE, CVSS, NIST, MITRE ATT&CK, etc.).
• In operationalizing Critical Threat Intelligence (CTI) reports in penetration tests.
• In assessing ("scoping") the complexity of a penetration test in terms of time and effort and in identifying attack vectors to prioritize based on risks.
• With penetration testing logistics (planning, defining scope and requirements, authorizations, communications and escalations, legal considerations, etc.)
• With bug bounty programs.
• For candidates located in Quebec, bilingualism is required considering the necessity to interact on a regular basis with English-speaking colleagues across the country.
• No Canadian work experience required, but authorization to work in Canada is required.

• A financial rewards program that recognizes your success
• An industry leading Employee Share Purchase Plan; we match 50% of net shares purchased
• An extensive flex pension and benefits package, with access to virtual healthcare
• Flexible work arrangements
• Possibility to purchase up to 5 extra days off per year
• An annual wellness account that promotes an active and healthy lifestyle
• Access to tools and resources to support physical and mental health, embracing change and connecting with colleagues
• A dynamic workplace learning ecosystem complete with learning journeys, interactive online content, and inspiring programs
• Inclusive employee-led networks to educate, inspire, amplify voices, build relationships and provide development opportunities
• Inspiring leaders and colleagues who will lift you up and help you grow
• A Community Impact program, because what you care about is a part of what makes you different. And how you contribute to your community should be just as unique.