Senior Security Consultant - Penetration Testing

Full job description
Location: Vancouver, BC, CA, V6B 0M3 Calgary, AB, CA Burnaby, BC, CA Montréal, QC, CA Edmonton, AB, CA Toronto, ON, CA Ottawa, ON, CA Qu?bec, QC, CA
Req ID: 48343
Jobs by Category: Technology Solutions
Job Function: Cybersecurity
Status: Full Time
Schedule: Regular
Description


Join our team


Prevent. Protect. Prevail. We live in a fast-paced cyber-world where protecting our information has become paramount. At TELUS Cyber Security, we strive to always be steps ahead, tackling the toughest security challenges head-on with top talent and cutting edge technology. Define your career today as a Senior Consultant with our Security Professional Services team!


Here’s the impact you’ll make and what we’ll accomplish together


Reporting to the Principal, Cyber Security Professional Services as part of the TELUS Cyber Security Professional Services team, Senior Consultant, Penetration Testing supports client security testing engagements.


If you possess extensive experience in offensive security and penetration testing and its underlying principles and have strong working experience in the field with current, effective and advanced technical skills in web application security, infrastructure testing, cloud security, vulnerability management, red/blue team engagements and making recommendations for remediation, this role might be just for you!


Here’s How


You are proficient with current application vulnerabilities, particularly those listed in the OWASP Top 10 and CWE Top 25
You have practical expertise with commercial and open-source intrusion testing tools (e.g.: Burp Suite, OWASP ZAP, Nessus, Nmap, Metasploit, CANVAS, SQLMap, Empire, etc.)
You are able to support client projects and mandates, write reports and prepare presentations, leveraging your communication skills to popularize technical findings to a non-specialized audience
You have good knowledge of Linux and Windows operating systems
You have some experience with programming languages (Python, PowerShell, Ruby or other relevant languages)
You are familiar with industry standard methodologies and standards in penetration testing (PTES, OWASP, CREST, OSSTMM, CWE, CAPEC, CVE, CVSS, etc.)

Qualifications


You’re the missing piece of the puzzle:


You have 5+ years of experience in penetration testing, development and/or technical support in cybersecurity
Cybersecurity is your passion and you have an "ethical hacker" mindset
You want to evolve in a dynamic, innovative and modern technological environment
You master offensive security tools such as Qualys, Nessus, Nmap and others
You are comfortable with web application assessment using Burp Suite, SQLMap and OWASP Zap
You want to join a team that performs infrastructure and web application security assessments, both automated and manual
You show strong interest in continuous learning of new technologies
You have strong oral and written communication skills, collaborative spirit and report writing abilities
You have experience working with clients from various business sectors and types of organizations
You are capable of analyzing complex problems and discussing them in a simple, logical and thoughtful manner

Nice-to-haves:


Concrete practical experience in the field
Understanding of Internet of Things (IoT) security
At least 8 years of experience in information technologies
University degree or equivalent experience in a relevant discipline
Knowledge of social engineering techniques and wireless security testing
Professional certifications (e.g.: OSCP) or willingness to obtain them
Basic knowledge of GRC (Governance, Risk and Compliance) standards
Contributions to open-source projects
Experience with CTF (Capture The Flag) competitions and/or "bug bounty" programs
Experience in software development
Knowledge of current cloud infrastructures (AWS, Azure, GCP, etc.)
Bilingualism (French and English)
Certifications (Nice-to-haves)
GIAC Web Application Penetration Tester (GWAPT)
GIAC Certified Penetration Tester (GPEN)
Offensive Security Certified Expert (OSCE)
Certified Secure Software Lifecycle Professional (CSSLP)
Certified Security Analyst (ECSA)
Please note: This position is a mobile/remote work setting.


The successful candidate will be required to undergo a security check and may need to meet eligibility requirements for access to classified information.


Salary Range: $101,000-$151,000
Performance Bonus or Sales Incentive Plan: 15%
Actual total compensation will be determined based on factors such as knowledge, skills, performance and experience. In addition, TELUS offers rewarding benefits such as:

Comprehensive total rewards package highlighting competitive salary and bonus structures, minimum 3 weeks of vacation, and flexible benefits plan to meet the needs of you and your family
Flexibility to work in-office, virtually or a combination of both, based on the role's requirements
Generous company matched pension and share purchase programs
Opportunity to give back to communities in which we work, live and serve
Career growth and learning & development opportunities to develop your skills
And much more …
A bit about us

We’re a people-focused, customer-first, purpose-driven team who works together every day to innovate and do good. We improve lives through our technology solutions and foster a culture of innovation that empowers team members to solve complex problems and create remarkable human outcomes in a digital world.

You’ll find our engaging, high-performance culture personally fulfilling, professionally challenging, and financially rewarding. We’re committed to diversity and equitable access to employment opportunities based on ability. Your unique contributions and talents will be valued and respected here. When you join our team, you’re helping us make the future friendly.

Note for Quebec candidates: if knowledge of English is required for this position, it is because the team member will be asked, on a regular basis, to interact in English with external or internal parties or to use English applications or software as part of their tasks.