Location: United States/ Canada Remote

Who We Are:

Named 2019 and 2020 Partner of the Year | Modern Workplace by Microsoft Canada, Bulletproof is proud to be a Microsoft Gold Partner with twelve gold competencies, a recent inductee into the Microsoft Intelligent Security Association and holder of Microsoft’s Advanced Specialization in Threat Protection. And nobody knows security like we do; Bulletproof has more than two decades in the IT and cybersecurity business, protecting clients’ privacy and data on six continents.
We are growing! Our mandate to expand our capacity and market reach is aggressive. We are building the team to help us achieve those goals; in Canada, in the USA and Internationally. We have ambitious plans to leverage our depth of experience across our practices and are building an ambitious team to achieve those goals together.
We are looking for a passionate Senior Application Security Consultant to join our growing technical delivery team.


Security Consultants at Bulletproof engage with clients in the following ways:

 Perform manual source code reviews and penetration testing for web and mobile applications.
 Work with clients identifying security risks and recommending remediation.
After a few weeks of shadowing team members, new hires will have a solid understand of our daily process. This may include review of source code, dynamic testing applications or devices, or preparing documentation for our clients. Some other noteworthy responsibilities would include:
 Collaborate with engineering teams to devise novel approaches to securing software.
 Contribute to internal toolkits and methods for security automation and custom analysis.

Qualifications & Experience:

 Passion for exploring software and identifying ways to attack and defend it. 
 Knowledge with performing manual application security testing, the OWASP Top 10, and the OWASP Testing Guide.
 Familiarity with some of the following; BurpSuite Professional, Zap, Nessus, Netsparker, Acunetix, commercial static source code analysis (SAST) tools, and dynamic application security (DAST) tools.
 Experience performing web application security assessments including manual source code reviews and dynamic/hybrid testing.
 Confident in explaining technical details to both technical and non-technical audiences.
 Ability to collaborate and work directly with security and software teams to enhance the security posture of their systems.
 Experience with testing development frameworks using one or more of the following languages: Java, C#, JavaScript, Go, Python, Swift, Kotlin, Ruby, TypeScript, C, C++, Rust, Objective-C, or Scala.
 Able to work independently. 
 Good communication and report writing skills. 
 Can mentor junior and mid-level consultants.
 Ability and strong desire to learn anything in this job posting and more.

Preferred But Not Required:

 Prior Security Consulting experience. 
 Experience as a Web and mobile developer.
 Network Vulnerability assessment. 
 Understanding of cloud-based architectures (AWS, Azure, GCP) and patterns such as microservices and cloud-native systems.
 Experience with report writing tools such as Plextrac, Dradis, Ghostwriter
 Has a certification demonstrating intermediate or better penetration testing competency, such as such as OSCP, OSWE, GMOB, and GWAPT.

We offer a competitive total compensation packet, with benefits that include… The option to have 100% employer paid health, dental, & vision insurance for single coverage 
• 100% Employer paid group insurance benefits, including life insurance
• 4 weeks paid time off (per year)
•  Paid holidays
•  Yearly discretionary bonus and the opportunity for performance-based bonuses throughout the year
•  401K retirement savings plan with 50% matching contribution (up to 2.5% of your annual salary)
•  Educational assistance program

Salary Range 
$80,000USD - $110,000USD depending on qualifications and experience.

Equal Opportunity Statement:  Bulletproof is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. Bulletproof is also committed to compliance with all fair employment practices regarding citizenship and immigration status.