Security Advisor Specialist, Offensive Security; Global Red Team

Our employees are at the heart of everything we do. Together, we help people, businesses, and society prosper in good times and be resilient in bad times.

Our employee promise represents Intact’s commitment to you in exchange for living our Values, striving to do your best work, being open to change and investing in your career. In return, we promise to provide support, opportunities and performance-led financial rewards at a workplace where you can shape the future, win as a team and grow with us.

• Flexible work arrangements and a hybrid work model

• Possibility to purchase up to 5 extra days off per year

• Multiple benefits offered to support physical and mental wellbeing, including telemedicine, Wellness account and much more

• Share plan & other savings: up to 12% of salary or even more (ask how you could earn guaranteed income for life)

118,

15%

As part of our commitment to Win As A Team
, we share our success with employees through our annual bonus plan and Employee Share Purchase Plan (ESPP) – with Intact matching 50% of your net shares.

Our pension offerings provide flexibility and long-term security for our employees beyond their careers. We are one of the few companies offering the opportunity to receive guaranteed income for life via our defined benefit pension plan.

Salary for the candidate will be determined taking into consideration a number of factors including: experience, skills, qualifications, anticipated contribution to role, internal equity, etc. The salary range presented above is based on a 35-hour workweek and would represent a majority of different candidate profiles. However, we encourage candidates who may fall outside of this range to apply as well.

The Security Specialist, Offensive Security is responsible for testing the security controls, the network, and threat response for Intact Financial globally (All regions and all affiliate companies). He/she works as a specialist employing techniques, tactics and protocols to test security controls, working as part of a global offensive security team.

The Specialist, Offensive Security reports to the Director, Offensive Security and works with a team of technical advisors across multiple locations and time zones.

If you can think outside of the Kali box, and love to think like an attacker (with a track record to prove your capabilities) we want to talk to you about joining our team!

• Conduct reconnaissance on network environment to build external landscape using industry standard tools, threat intelligence feeds, OSINT and other readily available information sources

• Conduct offensive security testing to ensure security controls and response actions are effective. If you are detected, shifting from a red team focus to a purple team approach – your purpose isn’t to create a “Gotcha!” moment – our mission is to strengthen our controls throughout the entire attack chain across the enterprise.

• Employ attack strategies to simulate real‑world attacks by threat actors and benchmark response capabilities across the enterprise.

• Ability to identify and exploit vulnerabilities in computer systems, networks and applications to simulate attacks by threat actors – you have a proven track record of evading modern EDR (e.g. Crowdstrike, MDE, Sentinel One) while elevating privileges/hitting your target.

• Analyze and report on the results of security assessments and make recommendations to improve the security posture of the enterprise.

• You understand the TCP/IP stack in depth and know how to exploit it to create covert beacons, C2 channels, exfiltrate data across DNS. Understanding how routing tables work (e.g. BGP) and how they can be exploited is an asset.

• Work with regional cyber governance and risk teams to ensure that findings are properly tracked for remediation

• Generate the required metrics and reports to support the CISO IFC Affiliates in reporting on enterprise security control effectiveness

• Leverage…