Senior Penetration Tester (Cybersecurity)

TL;DR

Senior Penetration Tester (Cybersecurity): Plan engagements, find security vulnerabilities, and help fix them to improve the company’s cybersecurity posture and resiliency. Focus on working with engineering teams to understand root causes, suggest practical remediations, and sometimes implement fixes.

Location: Remote

Salary: CAD $151,200 - $189,000

Company

hirify.global is on a mission to help everyone achieve financial freedom by reimagining what it means to manage your money.

What you will do

• Perform detailed penetration tests, code reviews, or threat models on internal systems, web applications, and other software to discover flaws.
• Determine the real-world severity of discovered issues and suggest actionable recommendations to address security threats and improve application security.
• Create comprehensive write-ups of findings, risk analysis, recommendations, and actionable insights for engineers and other stakeholders.
• Work closely with application security, vulnerability management, infrastructure and platform engineers to implement solutions and enhance the security posture.

Requirements

• Experience (5+ years preferred) in a mix of network, application, and native mobile penetration testing with a proven history of working cross-functionally with high functioning teams.
• Experience performing boundary testing for PCI-DSS card holder environments or equivalent.
• Experience performing mobile testing for Android/iOS applications.
• Technical understanding of networks, endpoint, identity, cloud, encryption, data protection and application deployment stacks.
• Knowledge of standard penetration testing methodologies, including NIST SP 800-115.

Nice to have

• Familiarity with Ruby, React, and GraphQL testing.
• Development and/or scripting competence.
• AWS testing experience.
• Previous industry experience in Financial Services.
• Experience using automation and AI to supplement and scale manual testing.
• Offensive Security Certified Professional (OSCP)/Experienced Penetration Tester (OSEP).
• CREST Registered Tester.
• AWS Certified Security - Speciality.
• Bachelors or higher degree in cybersecurity, software engineering, or a related field.

Culture & Benefits

• Top-tier health benefits and life insurance.
• Long-term group savings with employer match using hirify.global for Business platform.
• 20 vacation days + 4 wellness days per year, and unlimited sick and mental health days.
• Employees can work outside of Canada for up to 90 days per calendar year.