Security Penetration Tester
Bulletproof
Halifax, NS
Who We Are…
We are Bulletproof Solutions and like our name suggests, IT security is in the fabric of who we are. We know the risks are simply too great to ignore and we use our expertise to equip our clients with solutions that help protect their businesses.

Why You Should Work With Us…
This is your opportunity to join a growing, fast-paced, successful business which values our employees above all else. Our employees are at the heart of everything that we do and that is why they are our biggest investment. We offer top notch health insurance, RRSP and career advancement/enhancement opportunities to all employees.

What the Role Does…
This position conducts security assessments by probing for and exploiting security vulnerabilities in web-based applications, networks and systems and finding ways to ensure that any risk to our client is mitigated.

Duties and Responsibilities include, but are not limited to:
Conducts security assessments that can be multi-faceted for a wide variety of assigned clients
Defines the scope for security testing assignments
Creates quality assurance security test reports and other documentation as needed
Works with clients to develop appropriate remediation plans
Provides clients with exceptional service in a professional, courteous and timely manner
Provides technical support as a subject matter expert in the sale of security testing assignments on an as needed basis
Provides thought leadership and direction for the Information Security practice on malware, attack vectors and methods to protect against threats
Teams up with colleagues in other lines of services in support of client needs for Information Security services
Stays up-to-date on current tools, technologies and vulnerabilities to incorporate into testing practices
Other related duties as assigned

Requirements:
Degree in Computer Science, Information Systems, Engineering or related major from an accredited University or equivalent
At least two (2) years working on vulnerability assessment and/or penetration test
Application and/or infrastructure penetration testing experience above and beyond running automated tools
A good understanding of Linux, Windows and network security skills
Excellent written and oral communication skills in English
Ability to meet deadlines and deliver a high-quality product (reports)
Strong attention to detail
Ability to work both independently and perform as a leader in a team environment

Familiar with (if not qualified in) test suites such as:
Nessus
MetaSploit
Burp Suite
Kali
NMap
Fortify
Acunetix
Certifications - One or more of the following certifications are expected from potential applicants:

EC-Council Certified Ethical Hacker (CEH)
EC-Council Licensed Penetration Tester (LPT)
GIAC Certified Penetration Tester (CPEN)
IACRB Certified Penetration Tester (CPT)
Offensive Security Certified Professional (OSCP)
CREST Registered Tester (CRT)
CREST Infrastructure Certification
CESG CHECK Team Leader
CESG CHECK Team Member
Tiger Scheme Senior Security Tester
Tiger Scheme Qualified Security Tester
Any other recognized penetration testing certification/accreditation

The following skills are preferred but not required:
ISO27001 Lead Auditor
CISSP, CISA, CISM Certifications
PCI ASV
CREST recognized penetration testing certification/accreditation (CREST Certified Tester (CCT) or CHECK Team Leader (CTL)
Experience developing custom scripts or tools used for vulnerability scanning and identification
Familiarity with threat modelling and security design review methodologies
Support team technical development (e.g. through service development or research) and contribute to company technical processes overall
Development and/or source code review experience in C/C++, C#, VB.NET, ASP, PHP, or Java and/or Fortify, Veracode, Brakeman and/or IDA Pro
Experience with physical security testing, phishing and social engineering techniques.
Experience with mobile applications such as Android DeBug Bridge (ADS), OWASP ZAP, Drozer, Mobile Security Framework (MobSF), Smartphone Pentest Framework (SPF), Burp Suite, Android SDK, Friday, Cydia and/or IDB

It is an exciting time to join the Bulletproof team! As part of the GLI family of companies, Bulletproof provides it employees the opportunity to be part of a global company within an exciting industry. While Bulletproof services a wide range of industries, we have a deep knowledge of the gaming industry and how technology powers its processes. As a GLI company, we work in over 475 jurisdictions across the world to deliver IT services that enable better compliance, better performance, and a better experience for the player.

At Bulletproof we are committed to our customers, our team and our communities and look forward to you joining our team.