Skip Navigation

Application Security Specialist - Penetration Testing

Job ID 9895498 Date posted 11/06/2018

Primary Locations: Montreal, Quebec, Toronto, Ontario

Employee Status: Regular

Schedule: Full-time


Join a world-class information security team!

We're looking for new talent to expand our security team. We live in a digital world where daily changes require us to be pragmatic, agile and proactive in the way we approach opportunities, technologies and processes from a security standpoint.

If you'd like to:
  • Influence change
  • Have input in information security
  • Join a dynamic, innovative team
  • Explore new ideas
If you can:
  • Find vulnerabilities that no one else has been able to find and uncover system flaws
  • Develop, as necessary, your own tool or portion of code to complete testing
  • Provide clear, coherent written reports as well as remedial advice based on an overall view of risk
  • Propose solutions proactively
We want to hear from you!

Ways you can make a positive impact in our organization:
  • Inspire a positive work environment and help as a champion, innovator, team player and team support
  • Have a good understanding of system and network architectures 
  • Be able to critically examine an organization and system from the perspective of a malicious actor and articulate the risk in clear and precise terms
  • Conduct in-depth penetration testing, including identifying and reporting security flaws, and making clear, consistent recommendations
  • Identify vulnerabilities that cannot be identified by scanners or automated tools
  • Keep current on the latest security trends and developments 
  • Perform manual application security tests for web applications, APIs, mobiles (iOS and Android) and infrastructure and manual code and configuration code review activities


Your profile:
  • A completed bachelor's degree in a related field plus 7 years of relevant experience, or a completed master's degree in a related field plus 5 years of relevant experience  
  • Certification: OSCP, OSCE, GPEN, CEH, definite assets
  • 3-5 years of experience in the field of information security
  • 3 years of proven experience working with penetration testing tools and manual attacks (Metasploit, Burp Suite, Cobalt Strike, etc.)
  • Proven experience creating and communicating reports on vulnerabilities to various levels of personnel within a large organization
  • Experience with penetration testing in at least three of the following areas: network, system, application, mobile, web, wireless network
  • Experience in programming: being able to code and use scripting languages (python, Perl, etc.), an asset
  • Knowledge of DevOps concepts and processes (e.g. Docker, Kubernetes, Jenkins, Infra as code), an asset
  • Knowledge of the tactics, techniques and procedures associated with the activity of malicious actors (organized crime, fraud groups, etc.)
  • Bilingualism, both spoken and written (English and French)
We strive to be an inclusive organization where all employees are valued. National Bank stands out for its many initiatives to promote inclusion, making it a Canada-wide leader in diversity. 

JobField: IT

Unposting Date: 2019-01-22

Job Number: INF00109

Posting Date: 2019-01-08

Send this opportunity via email

Job Matching

Let us search jobs for you based on the skills and experience listed in your profile.

Start matching