Ethical Hacker (Application Security)

TL;DR

Ethical Hacker (Application Security): Performing penetration testing of web, mobile, and API applications with an accent on whitebox testing, source code review, and reverse engineering. Focus on identifying complex vulnerabilities, bypassing security controls, and providing expert remediation strategies for enterprise SaaS and custom applications.

Location: Remote (Must be based in Canada)

Salary: 80,000 - 120,000 CAD per year

Company

hirify.global provides expert-level penetration testing services focused on identifying risks before they become headlines.

What you will do

• Conduct penetration testing for web applications, mobile apps, thick clients, and APIs.
• Perform source code review and whitebox testing to demonstrate the impact of application flaws.
• Reverse engineer mobile and thick client applications.
• Execute SAST and DAST on enterprise, SaaS, and custom in-house applications.
• Develop detailed technical and executive reports on findings and remediations.
• Chain application flaws to cloud and on-prem AD infrastructure.

Requirements

• Must be based in Canada.
• Extensive expertise in using attack proxies, specifically Burp Suite (mandatory).
• Professional qualifications such as OSCP (mandatory), OSWE, or BSCP.
• Solid knowledge of programming languages including C, C#, Python, Objective-C, Java, JavaScript, SQL, and AngularJS.
• Deep understanding of AI/LLM weaknesses and OWASP standards for Web, API, Mobile, and AI/LLM.
• At least 2 years of experience dealing with information security-related tasks.

Nice to have

• 3-5 years of experience working in penetration testing and consulting.
• Graduate of a post-secondary college or university degree program.

Culture & Benefits

• Immediate and continual offensive security training.
• Wealthsimple GRSP with corporate matching.
• Participation in corporate benefit plans.
• Fully remote working environment.
• Collaborative team culture emphasizing humility and continuous learning.