Our Client is looking for a Senior Security Specialist with strong experience across penetration testing red team exercises threat hunting vulnerability assessments source code review and network and application security.
The successful candidate will support cybersecurity initiatives across Ontario Provincial Police and OPS province wide I&IT infrastructure applications systems and information resources. This role requires hands-on offensive security expertise strong technical analysis and the ability to document risks and provide recommendations to both technical and executive audiences.
Key Responsibilities
Conduct penetration tests vulnerability assessments source code reviews network vulnerability assessments threat hunting activities and red team exercises
Identify analyze and exploit common vulnerabilities in web applications networks systems and enterprise environments
Use manual testing techniques and enterprise-grade automated tools to assess security posture
Lead or support red team exercises to simulate cyber attack scenarios and identify exploitable weaknesses
Conduct network threat hunting and assess suspicious activity attack paths and potential compromise indicators
Define evaluate and assess security requirements and safeguards for system environments and IT projects
Identify gaps or weaknesses in security architecture and recommend mitigation strategies
Ensure IT security and contingency measures are incorporated into system development and secure deployment
Advise on security risks privacy concerns vulnerabilities and compliance with relevant security standards
Support I&IT security projects and tasks as assigned by the OPP Chief Security Office and/or cluster I&IT management
Prepare clear reports document risks and provide recommendations for technical teams business stakeholders and executive management
Must-Have Experience
10 plus years of experience in penetration testing red team tactics threat hunting or network and application security Strong experience conducting penetration tests and vulnerability assessments Strong experience with red team tools techniques tactics and strategies Strong experience with network threat hunting and network vulnerability assessments Experience reviewing source code and identifying security weaknesses Experience writing security reports documenting risks and presenting recommendations to diverse audiences Strong understanding of security architecture application security and network security testing
Required Skills
Hands-on experience with web application security testing Experience identifying and exploiting common application and infrastructure vulnerabilities Knowledge of vulnerability assessment methodologies tools and techniques Knowledge of secure system design security safeguards and security controls Ability to assess security requirements across complex and distributed systems Knowledge of security technologies such as encryption access controls firewalls authentication digital signatures and malware protection Working knowledge of security audit procedures and protocols Experience establishing secure environments at the network operating system or application level Strong analytical problem-solving and decision-making skills Strong written and verbal communication skills Ability to manage competing priorities meet deadlines and work with multiple stakeholders
Nice-to-Have Skills
Public sector experience Experience in law enforcement public safety or highly sensitive environments Experience with Windows and Linux operating systems Experience with programming languages such and Java Experience with DAST SAST source code review log collection and log analysis Experience with IDS IPS SIEM network monitoring and threat hunting tools Experience with incident response forensic investigation business recovery and disaster recovery planning Experience performing threat and risk assessments Experience with Public Key Infrastructure Knowledge of Information Management principles concepts policies and practices Experience with secure design frameworks and agile delivery environments
Our Client is looking for a Senior Security Specialist with strong experience across penetration testing red team exercises threat hunting vulnerability assessments source code review and network and application security. The successful candidate will support cybersecurity initiatives across Ontari...
Our Client is looking for a Senior Security Specialist with strong experience across penetration testing red team exercises threat hunting vulnerability assessments source code review and network and application security.
The successful candidate will support cybersecurity initiatives across Ontario Provincial Police and OPS province wide I&IT infrastructure applications systems and information resources. This role requires hands-on offensive security expertise strong technical analysis and the ability to document risks and provide recommendations to both technical and executive audiences.
Key Responsibilities
Conduct penetration tests vulnerability assessments source code reviews network vulnerability assessments threat hunting activities and red team exercises
Identify analyze and exploit common vulnerabilities in web applications networks systems and enterprise environments
Use manual testing techniques and enterprise-grade automated tools to assess security posture
Lead or support red team exercises to simulate cyber attack scenarios and identify exploitable weaknesses
Conduct network threat hunting and assess suspicious activity attack paths and potential compromise indicators
Define evaluate and assess security requirements and safeguards for system environments and IT projects
Identify gaps or weaknesses in security architecture and recommend mitigation strategies
Ensure IT security and contingency measures are incorporated into system development and secure deployment
Advise on security risks privacy concerns vulnerabilities and compliance with relevant security standards
Support I&IT security projects and tasks as assigned by the OPP Chief Security Office and/or cluster I&IT management
Prepare clear reports document risks and provide recommendations for technical teams business stakeholders and executive management
Must-Have Experience
10 plus years of experience in penetration testing red team tactics threat hunting or network and application security Strong experience conducting penetration tests and vulnerability assessments Strong experience with red team tools techniques tactics and strategies Strong experience with network threat hunting and network vulnerability assessments Experience reviewing source code and identifying security weaknesses Experience writing security reports documenting risks and presenting recommendations to diverse audiences Strong understanding of security architecture application security and network security testing
Required Skills
Hands-on experience with web application security testing Experience identifying and exploiting common application and infrastructure vulnerabilities Knowledge of vulnerability assessment methodologies tools and techniques Knowledge of secure system design security safeguards and security controls Ability to assess security requirements across complex and distributed systems Knowledge of security technologies such as encryption access controls firewalls authentication digital signatures and malware protection Working knowledge of security audit procedures and protocols Experience establishing secure environments at the network operating system or application level Strong analytical problem-solving and decision-making skills Strong written and verbal communication skills Ability to manage competing priorities meet deadlines and work with multiple stakeholders
Nice-to-Have Skills
Public sector experience Experience in law enforcement public safety or highly sensitive environments Experience with Windows and Linux operating systems Experience with programming languages such and Java Experience with DAST SAST source code review log collection and log analysis Experience with IDS IPS SIEM network monitoring and threat hunting tools Experience with incident response forensic investigation business recovery and disaster recovery planning Experience performing threat and risk assessments Experience with Public Key Infrastructure Knowledge of Information Management principles concepts policies and practices Experience with secure design frameworks and agile delivery environments