Job Description

Title: Security Specialist - Penetration Testing - Senior
Location: 222 Jarvis St, Toronto, Ontario M3M 0B4
Duration: 247+123 days
Mandatory Requirement:
Current penetration test experience
PENETRATION TEST EXPERIENCE: 35%

• Demonstrated experience in identifying, analyzing, and exploiting common vulnerabilities using both manual techniques and automated tools for web and network pen testing and vulnerability assessments.
• Demonstrated experience in leading penetration tests, web application vulnerability assessments, code reviews and network vulnerability assessments in a large environment with diverse systems; and in common attacks, common web application vulnerabilities, exploits and best practices for remediation.
• Knowledge of IT security methodologies, tools, techniques, security design and architecture, threat/risk concepts and practices, and encryption technologies.
• Ability to acquire and interpret corporate I&IT security strategy, programs, the government`s trust model, and privacy legislation

TECHNICAL EXPERTISE: 25%

• Experience with multiple operating systems, programming and scripting languages, platforms, and network services and protocols. Understanding of emerging I&IT trends, best practices and developments in common attacks, common web application vulnerabilities, exploits and best practices for remediation.

ANALYTICAL AND PROBLEM SOLVING SKILLS: 20%

• Demonstrated analytical and problem-solving skills to determine alternative and innovation solutions where guidelines or policies exist but may not address new and emerging I&IT trends. Ability to conceptualize, interpret and evaluate security exposures across multiple domains.

COMMUNICATION AND RELATIONSHIP BUILDING SKILLS: 10%

• Experience with writing reports aimed at both the executive/non-technical management level, and technical analyst level.
• Oral and written communication, mediation, negotiation, consultative and advisory skills.
• Skills to provide training in the use of commercial security assessment tools and scanners.
• Stakeholder management, partnership and relationship building skills to initiate and nurture strong working relationships with internal and external colleagues.

LEADERSHIP AND PROJECT MANAGEMENT SKILLS: 10%

• Proven ability to provide leadership, advice and direction on business risk planning and co-ordination.
• Demonstrated project methodology and management skills to provide project planning and technical leadership on concurrent projects.

Must haves:

• Current penetration test experience

Responsibilities:

• Conducts penetration tests, web application vulnerability assessments, code reviews and network vulnerability assessments of all environments or applications related to the OPS province-wide I&IT infrastructure and information resources.
• Defines, evaluates, and assesses security architecture requirements for systems environments and IT projects.
• Ensures the incorporation of IT security and contingency measures in the development of systems.
• Advises on the identification, analysis, and resolution of specific security factors, risks, vulnerabilities; protection of personal privacy issues; and appropriate industry and international security standards.
• Carry out information and information technology (I&IT) security projects and tasks in the Ontario Public Service as assigned by Corporate Security or cluster I&IT management

Skills Required