Penetration Tester
Back to All Jobs
[social_share]
Our client requires a tester to perform comprehensive penetration testing, code review, and vulnerability assessments across large-scale public sector IT environments. The resource will strengthen cybersecurity posture by evaluating security controls, identifying risks, and ensuring compliance with provincial policies and industry standards. This role includes contributing to secure system development by integrating threat analysis, contingency planning, and architectural security requirements.
Work is hybrid. Resource will be onsite minimum of 1 day per week either in Orillia or Toronto, ON.
Toronto or Orillia, Ontario (Hybrid)
Responsibilities
- Conducting penetration tests, vulnerability assessments, code reviews, threat hunting, network vulnerability assessments and red team exercises in all environments or applications related to province wide IT Infrastructure and information resources
- Defining, evaluating, and assessing security requirements and safeguards for systems environments and IT projects.
- Ensuring the incorporation of IT security and contingency measures in the development and secure deployment of systems.
- Advises on the identification, analysis, and resolution of specific security factors, risks, vulnerabilities; protection of personal privacy issues
- Conduct penetration tests, code reviews, and vulnerability assessments for provincial law enforcement systems and applications
- Lead threat hunting and red team exercises to simulate cyber-attacks and identify vulnerabilities.
- Define and assess security architecture requirements across systems and projects.
- Ensure IT security and contingency measures are integrated into system development.
- Advise on security risks, privacy concerns, and compliance with industry standards
Mandatory Requirements
- 10+ years’ experience conducting penetration tests
- 10+ years’ experience Reviewing source code
- 10+ years’ experience writing reports
Desirable Requirements
- Public Sector experience
- Experience with multiple operating systems (such as Windows and Linux), multiple programming languages (such as.NET and Java), multiple architecture, development methodologies, and common network services and protocols.
- Experience in Penetration Testing, Red Team Exercises and Threat Hunting methods along with hands on experience with relevant tools, tactics, techniques and procedures.
- Knowledge and understanding of Information Management principles, concepts, tactics, techniques and procedures.
- Experience in Incident Response (IR), business recovery and Disaster Recovery (DR) planning.
- Experience in performing threat and risk assessment.
- Experience in Public Key Infrastructure (PKI) development and operation.
- Experience in secure design frameworks, principles and methodologies as part of systems development projects in an agile, fast paced technology driven public safety/law enforcement business operation.
- Experience in Intrusion Detection Systems (IDS), intrusion Protection Systems (IPS) and Security Information and Event Management (SIEM) systems.
- Experience in mitigation tools for malicious software.
- Experience in network monitoring, threat hunting and related tools. tactics, techniques and procedures.
- Experience in incident response and forensic investigation tools, techniques and procedures.
- Experience with source code review (DAST, SAST), log collection and analysis.
- Knowledge and understanding of Information Management principles, concepts, policies and practices.
Job Posting ID: 56677
Location: Toronto or Orillia, Ontario (Hybrid)
Estimated Starting Date: Mar 30, 2026
Estimated End Date: till Mar 29, 2027
Posting Closing Date: March 6, 2026
Apply for this Job Posting
Fill in the form below to submit your application for this position.