Penetration Tester

Fredericton, NB, Canada ● Halifax, NS, Canada ● Moncton, NB, Canada Req #605
22 December 2022
Who We Are:  
Headquartered in Atlantic Canada with offices across the United States and around the world, Bulletproof has decades of experience in IT, security, and compliance. The company’s footprint now includes users on six continents trusting Bulletproof to address their technology challenges and strengthen their security posture. 
Driven by innovative, empowered and creative teamwork, we build solutions that solve business challenges and deliver overall business improvement for our global clients. At Bulletproof, we are committed to our customers, our team and our communities. Bulletproof's practices include Security and Network Operations Centers, Security Assessment & Audit, Quality Assurance and Testing, Project Management, Microsoft Consulting, Managed Services, Managed Security Services, and Product Fulfillment; working together to provide true end-to-end business solutions.   
Why Bulletproof:  
At Bulletproof, our people are the core of who we are and what we do. Founded in Atlantic Canada and now operating globally, it’s our people who drive us and who bring us together. We believe that it’s through trusting and empowering our entire team, that we achieve more. Bulletproof is a Microsoft Solutions Provider, a FOUR-PEAT Microsoft Canada Workplace Impact Award winner, and crowned the 2021 Microsoft Global Security Partner of the Year. Bulletproof is proud to be a member of the Microsoft Intelligent Security Association. We are committed to helping our customers achieve more. 

What the Role Does…

This position conducts security assessments by probing for and exploiting security vulnerabilities in web-based applications, networks and systems and finding ways to ensure that any risk to our client is mitigated.  
Duties and Responsibilities include, but are not limited to:   

Conducts security assessments that can be multi-faceted for a wide variety of assigned clients  
Defines the scope for security testing assignments 
Creates quality assurance security test reports and other documentation as needed  
Works with clients to develop appropriate remediation plans 
Provides clients with exceptional service in a professional, courteous and timely manner 
Provides technical support as a subject matter expert in the sale of security testing assignments on an as needed basis  
Provides thought leadership and direction for the Information Security practice on malware, attack vectors and methods to protect against threats 
Teams up with colleagues in other lines of services in support of client needs for Information Security services 
Stays up-to-date on current tools, technologies and vulnerabilities to incorporate into testing practices 
Other related duties as assigned  
Degree in Computer Science, Information Systems, Engineering or related major from an accredited University or equivalent 
At least two (2) years working on vulnerability assessment and/or penetration test 
Application and/or infrastructure penetration testing experience above and beyond running automated tools 
A good understanding of Linux, Windows and network security skills 
Excellent written and oral communication skills in English  
Ability to meet deadlines and deliver a high-quality product (reports) 
Strong attention to detail 
Ability to work both independently and perform as a leader in a team environment  

Familiar with (if not qualified in) test suites such as:   

Burp Suite  
Certifications - One or more of the following certifications are expected from potential applicants:   
EC-Council Certified Ethical Hacker (CEH)  
EC-Council Licensed Penetration Tester (LPT)  
GIAC Certified Penetration Tester (CPEN)  
IACRB Certified Penetration Tester (CPT)  
Offensive Security Certified Professional (OSCP)  
CREST Registered Tester (CRT)  
CREST Infrastructure Certification  
CESG CHECK Team Leader  
CESG CHECK Team Member  
Tiger Scheme Senior Security Tester  
Tiger Scheme Qualified Security Tester  
Any other recognized penetration testing certification/accreditation 
The following skills are preferred but not required:  

ISO27001 Lead Auditor  
CISSP, CISA, CISM Certifications 
CREST recognized penetration testing certification/accreditation (CREST Certified Tester (CCT) or CHECK Team Leader (CTL) 
Experience developing custom scripts or tools used for vulnerability scanning and identification 
Familiarity with threat modelling and security design review methodologies 
Support team technical development (e.g. through service development or research) and contribute to company technical processes overall 
Development and/or source code review experience in C/C++, C#, VB.NET, ASP, PHP, or Java and/or Fortify, Veracode, Brakeman and/or IDA Pro 
Experience with physical security testing, phishing and social engineering techniques.  
Experience with mobile applications such as Android DeBug Bridge (ADS), OWASP ZAP, Drozer, Mobile Security Framework (MobSF), Smartphone Pentest Framework (SPF), Burp Suite, Android SDK, Friday, Cydia and/or IDB 

Equal Opportunity Statement:  
Bulletproof is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. Bulletproof is also committed to compliance with all fair employment practices regarding citizenship and immigration status. 

Other details

  • Job Family Canada
  • Pay Type Salary
  • Employment Indicator Regular
Location on Google Maps
  • Fredericton, NB, Canada
  • Halifax, NS, Canada
  • Moncton, NB, Canada