Penetration Testing Consultant


Job Details

Penetration Testing Consultant

Toronto, Ontario

12/03/2019

37493

Contract/Temp

Job Description



Region: Greater Toronto Area

Employment Type: Contract

Security Clearance: No Clearance Required

Language Requirements: English

Job Reference Number: 37493-KC

 

As an ethical hacker, you will be working with multiple clients on providing penetration testing services, vulnerability assessments, and mitigation advice related to the infrastructure and information resources.

 

Responsibilities:

 

• Perform network penetration, web and mobile application testing, source code reviews, threat analysis, wireless network assessments, and social-engineering assessments

• Develop comprehensive and accurate reports and presentations for both technical and executive audiences on findings, effectively communicating findings, and providing recommendations

• Recognize and safely utilize attacker tools, tactics, and procedures

• Manage and oversee vulnerability programs to detect and mitigate vulnerabilities in organizations

• Strategize in developing innovative security testing services for emerging technologies

• Reviews and identifies false positives generated by scanners or tools

• Develop on-going technology risk reporting, monitoring key trends and defining metrics to regularly measure control effectiveness

• Adhere to internal policies and procedures, technology control standards, and applicable regulatory guidelines.

• Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement.

• Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise.

• Configuration review of information technology systems including network devices, applications, databases, and virtual environments

• Perform web application scanning and using various tools to discover vulnerabilities such as cross-site scripting, SQL injection, cross site request forgery, remote code execution

 

Experience and Qualifications:

 

• Working knowledge of symbolic execution, malware analysis, pivoting, source code scanning, exploit writing

• Experience and knowledge with industry tools, security threats, attacks & countermeasures, sources of industry information and standards

• Knowledge of cloud security platforms and relevant security measures

• Knowledge of encryption algorithms, techniques, deployments

• Experience with Social Engineering techniques

• Network penetration testing and manipulation of network infrastructure

• Mobile and/or web application assessments

• Email, phone, or physical social-engineering assessments

• Shell scripting or automation of simple tasks using Perl, Python, or Ruby

• Developing, extending, or modifying exploits, shellcode or exploit tools

• Developing applications in C#, ASP, .NET, ObjectiveC, Go, or Java (J2EE)

• Reverse engineering malware, data obfuscators, or ciphers

• Source code review for control flow and security flaws

• Mastery of Unix/Linux/Mac/Windows operating systems, including bash and Powershell

• Bachelor's degree in a technical field desired

 

Other Additional Comments:

Are you an ADGA employee or consultant? If so, check out our new referral program!

ADGA Group Consultants Inc. has policies and procedures in place to support its employees with accommodation requirements throughout the organization.

Accommodations are available on request for candidates taking part in all aspects of the selection process. If accommodation is required, it is requested that you contact ADGA’s Accessibility Officer.


© 2019, Bond International Software, Inc. All rights reserved.

Version 2019.3us