Canada & US
Who We Are:
Bulletproof Solutions ULC. is a premiere technology company founded in 2000. Driven by innovative, empowered and creative teamwork, we build solutions that solve business challenges and deliver overall business improvement for our global clients. At Bulletproof, we are committed to our customers, our team and our communities.
Bulletproof’s practices include Security and Managed IT Operations Centers, Quality Assurance and Testing, Integration, Consulting, Education and Product Fulfillment; working together to provide true end-to-end business solutions. Our Security Operations Center protects our clients 24 hours a day by providing extensive security services, including best-in-class technology offerings. Our commitment to our Microsoft Practice elevates security, compliance, productivity and collaboration capabilities, and our Learning Solutions allow us to enhance the knowledge and skill sets of all our clients.
Bulletproof is a Gold Microsoft Partner and a TWO TIME Microsoft Canada Modern Workplace IMPACT Award winner. We are passionate about helping our customers achieve more securely. We are growing. Since the acquisition of Bulletproof by Gaming Laboratories International (GLI), our mandate to expand our capacity and market reach is aggressive. We are building the team to help us achieve those goals, in Canada, in the USA and internationally. We have ambitious plans to leverage our depth of experience across our practices and we are building an ambitious team to achieve those goals together.
Interested? Read on to see if your experience is a fit.
This position conducts security assessments by probing for and exploiting security vulnerabilities in web-based applications, networks and systems and finding ways to ensure that any risk to our client is mitigated.
- Conducts security assessments that can be multi-faceted for a wide variety of assigned clients
- Defines the scope for security testing assignments
- Creates quality assurance security test reports and other documentation as needed
- Work with clients to develop appropriate remediation plans
- Provides clients with exceptional service in a professional, courteous and timely manner
- Provides technical support as a subject matter expert in the sale of security testing assignments on an as needed basis
- Provides thought leadership and direction for the Information Security practice on malware, attack vectors and methods to protect against threats
- Teams up with colleagues in other lines of services in support of client needs for Information Security services
- Stays up-to-date on current tools, technologies and vulnerabilities to incorporate into testing practices
- Other related duties as assigned
- Degree in Computer Science, Information Systems, Engineering or related major from an accredited University or equivalent
- At least two (2) years working on vulnerability assessment and/or penetration test
- Application and/or infrastructure penetration testing experience above and beyond running automated tools
- A good understanding of Linux, Windows and network security skills
- Excellent written and oral communication skills in English
- Ability to meet deadlines and deliver a high-quality product (reports)
- Strong attention to detail
- Ability to work both independently and perform as a leader in a team environment
Familiar with (if not qualified in) test suites such as:
- Burp Suite
Certifications - One or more of the following certifications are expected from potential applicants:
- EC-Council Certified Ethical Hacker (CEH)
- EC-Council Licensed Penetration Tester (LPT)
- GIAC Certified Penetration Tester (CPEN)
- IACRB Certified Penetration Tester (CPT)
- Offensive Security Certified Professional (OSCP)
- CREST Registered Tester (CRT)
- CREST Infrastructure Certification
- CESG CHECK Team Leader
- CESG CHECK Team Member
- Tiger Scheme Senior Security Tester
- Tiger Scheme Qualified Security Tester
- Any other recognized penetration testing certification/accreditation
The following skills are preferred but not required:
- ISO27001 Lead Auditor
- CISSP, CISA, CISM Certifications
- PCI ASV
- CREST recognized penetration testing certification/accreditation (CREST Certified Tester (CCT) or CHECK Team Leader (CTL)
- Experience developing custom scripts or tools used for vulnerability scanning and identification
- Familiarity with threat modelling and security design review methodologies
- Support team technical development (e.g. through service development or research) and contribute to company technical processes overall
- Development and/or source code review experience in C/C++, C#, VB.NET, ASP, PHP, or Java and/or Fortify, Veracode, Brakeman and/or IDA Pro
- Experience with physical security testing, phishing and social engineering techniques.
- Experience with mobile applications such as Android DeBug Bridge (ADS), OWASP ZAP, Drozer, Mobile Security Framework (MobSF), Smartphone Pentest Framework (SPF), Burp Suite, Android SDK, Friday, Cydia and/or IDB
At Bulletproof we are committed to our customers, our team and our communities and look forward to you joining our team.