Senior Penetration Testing Specialist

Senior Penetration Testing Specialist

Category: Cyber Security
City: Ottawa, Ontario, Canada
Position ID: J0921-1616
Employment Type: Contract

Position Description:

Eligible for reliability/secret clearance.
Remote work until Covid restrictions lift then onsite at our Ottawa location.

CGI has an immediate requirement for a Senior Penetration Testing Specialist to work as part of a larger end-to-end Cybersecurity team where you can leverage your experience and expertise to provide first-class pentesting services to our clients and develop and mentor more junior testers on your team.
Duration: Full time Permanent role
Location: Anywhere in Canada

We are looking for a Senior Penetration Testing Specialist who will apply their expert knowledge of cybersecurity to:
•Provide expert-level penetration testing services, in conventional or cloud environments, to allow our clients to understand their vulnerabilities and risks so that they can undertake effective mitigation efforts;
•Advise on all technical aspects of penetration testing and assist in the development of tools, reporting templates, estimate of proposed engagements, and the development of an effective penetration tool set;
• Be a strong problem solver and exceptional communicator. You will play a key role in working with CGI cybersecurity, business and technology teams to select, present and estimate the cost of penetration testing services to meet clients’ specific requirements.

Your future duties and responsibilities:

•Be a key figure in the continued development of first-class penetration testing capabilities;
•Maintain an ongoing awareness of trends in penetration testing technology, as well as target environment technologies and regulatory requirements.
•Propose, examine and assist in the acquisition and development of suitable penetration testing tools to ensure the delivery of quality services to our clients;
•Conduct penetration testing activities for our clients, either alone, or as lead tester of a small team;
•Interface with, and exchange ideas and contribute to mutual support with other CGI penetration testing teams in the Atlantic Business Units, the USA, UK and Europe;
•Participate in the development of technical cybersecurity service responses to client RFPs; and
•Contribute to client presentations and meetings to discuss proposed penetration testing capabilities and/or how CGI’s capabilities will address the clients’ needs.

Required qualifications to be successful in this role:

•Minimum of five, preferable ten years resident in Canada, without gaps, to the present;
•A university degree, college diploma, or equivalent experience, in applicable digital information sciences;
•Minimum of 12 years of related IT experience, of which at least 8 years is directly related to conducting Penetration Testing;
•Relevant background with a variety of cybersecurity systems, architectural concepts, delivery environments, including experience in both cloud and conventional IT environments;
•Proficiency in IT networking, network protocols, and common network architectures and devices;
•A strong knowledge of how IT operations staff can undertake practical and implementable recommendations to address vulnerabilities effectively;
•Professional experience with common operating systems, both physical and virtual, including but not limited to Windows, Unix/Linux and virtualization platforms such as Citrix, VMWare, etc;
•A sound knowledge of basic coding and scripting, particularly that employed commonly by attackers, as well as that required to support penetration testing, e.g. Perl, Python, Ruby, etc.;
•Experience with security standards and frameworks, including but not limited to those from OSSTMM, OWASP, NIST, PTES, ISSAF, etc. as well as a strong understanding of the Mitre Att&ck Framework;
•Knowledge of Government of Canada security guidelines and standards, including but not limited to ITSG-33 and the technical control requirements of the Security Assessment & Authorization (SA&A) process for conventional, cloud and hybrid Protected B or higher environments;
•A background integrating operations and information security principles;
•Experience analyzing security components of targeted systems to identify weaknesses and develop opportunities for improvement;
•A proven ability to create solutions that align enterprise security architecture frameworks and defined security controls and standards;
• Demonstrated experience creating and delivering presentations and/or discussing technical options and solutions with clients, inspiring confidence and forming trusting relationships;
•Ability to speak, write and communicate clearly, effectively and correctly in fluent English is particularly important; and
•A current Government of Canada security clearance, or the ability to obtain a Government of Canada security clearance at a minimum of Level 1 (Reliability).

Desirable:
•SANS certification in areas related to penetration testing and ethical hacking;
•Certification under the Mitre Att&ck Certification, OSCP, C|EH, and/or GIAC GPEN;
•A valid CISSP certification – other relevant security certifications such as CRISC will be considered; Cloud certification in architecture and related areas; and
•Mobility, while many of our penetration testing engagements are currently conducted remotely especially due to existing COVID concerns, once normal operations can be resumed there may arise requirements for on-site testing at the client’s premises.

Skills:

  • Cyber
  • Security Architecture

What you can expect from us:

Build your career with us.

It is an extraordinary time to be in business. As digital transformation continues to accelerate, CGI is at the center of this change—supporting our clients’ digital journeys and offering our professionals exciting career opportunities.

At CGI, our success comes from the talent and commitment of our professionals. As one team, we share the challenges and rewards that come from growing our company, which reinforces our culture of ownership. All of our professionals benefit from the value we collectively create.

Be part of building one of the largest independent technology and business services firms in the world.

Learn more about CGI at www.cgi.com.

No unsolicited agency referrals please.

CGI is an equal opportunity employer. In addition, CGI is committed to providing accommodations for people with disabilities in accordance with provincial legislation. Please let us know if you require a reasonable accommodation due to a disability during any aspect of the recruitment process and we will work with you to address your needs.