Job Description

Job Title: Penetration Testing Analyst
Job ID: 62934
Location: Regina, Saskatchewan

Overview:
Our client has an immediate need to hire several Penetration Testing Analysts on a 1-year contract (with the option of a 1-yr extension), reference number RC-24-001, for their Regina, SK location. The position requires regular onsite meetings so candidates must be local to the Regina area or willing to relocate for the duration of the contract. Our client is looking for one (1) or more Penetration Testing Analyst(s) to join the Cyber Security and Risk Management Branch (CSRM), Cyber Security Maturity Program. This program includes the testing of other client environments when required. The position(s) is a 100% onsite role located at an office in Regina, Saskatchewan, Canada. The work could demand the Resource(s) perform some activities from locations outside of offices. The position(s) is full time with an intended start date for the role(s) of April 1, 2024.

What you will be doing:

Conducting internal and external (remote from Government of Saskatchewan offices) security testing on networks and applications

Assessing physical security, if applicable

Conducting security audits, if assigned

Analyzing security policies and standards

Performing transfer of knowledge with other members of the CSRM Branch

Writing security assessment reports

The Resource(s) will be required to participate in consultant performance evaluation as deemed appropriate

What you must have:

Experience working as a Penetration Tester.

Knowledge of cloud security and cloud-based application architecture and different deployment models.

Demonstrated experience with penetration testing tools.

Demonstrated experience identifying and exploiting vulnerabilities.

Demonstrated knowledge on common attack vectors and techniques, and how to defend against them.

Demonstrated experience in regulatory compliance standards and ensuring compliance during penetration testing.

Demonstrated a strong familiarity and working experience with the ISO 27002:2013, or equivalent, code of practice for information security controls

Achievement of Industry accredited security certifications: such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or other equivalent certifications are considered assets.

For more information about TEEMA and to consider other career opportunities, please visit our website at

TEEMA