Penetration Test Lead
Interac Corp. Head Office
Interac Corp.
Discover more about everyday conveniences Interac can provide to make your life easier and payment solutions that can drive your business.Penetration Test Lead
At Interac, we design and deliver products and solutions that give Canadians control over their money so they can get more out of life. But that’s not all. Whether we’re leading real-time money movement, driving innovative commerce solutions like open payments for transit systems, or making advancements in new areas like verification and open banking, we are playing a key role in shaping the future of the digital economy in Canada.
Want to make a lasting impact amongst a community of creative thinkers, problem solvers, technical virtuosos, and high-performance application developers? We want to hear from you.
We are currently recruiting for a full-time Penetration Test Lead to be part of our Threat & Vulnerability Management team within Cybersecurity. This role will lead the Penetration Test program to deliver penetration test services throughout Interac.
You’ll be responsible for:
Establish and manage the overall penetration test program strategy and roadmap
Act as technical PM and lead the delivery of penetration test engagements against a variety of assets, including infrastructure, services, and applications
Lead red team and purple team engagements; create appropriate objectives and milestones based on threat intelligence
Standardize testing methodology and frameworks to streamline penetration test processes
Establish and maintain key relationships with trusted penetration test vendors
Collaborate with internal teams to interpret and understand business risks to derive penetration test objectives and outcomes
Test security controls by creating attacker patterns using threat intelligence to simulate real-world attackers
Ensure penetration tests are conducted in accordance with organizational processes such as Enterprise Change Management
Advise stakeholders at various levels on penetration tests results, including non-compliance against defined standards
Provide clear recommendations on remediation expectations to stakeholders to improve overall security posture
Provide status updates and summary reporting to internal stakeholders
You bring:
5+ years of experience in Cyber Security or Threat Management fields
Excellent writing and presentation skills to facilitate communication of test objectives, results, and recommendations to various stakeholders
Working experience with leading penetration test engagements to meet business objectives
Experience working with 3rd party vendors to conduct penetration test engagements
Outcomes driven, the ability to figure-it-out to reach the desired outcome
Strong sense of personal responsibility and accountability for delivering high quality work, both personally and at a team level
Ability to communicate effectively to both technical and non-technical stakeholders
Ability to work autonomously with attention to detail
Ability to switch between detailed and strategic discussions as needed
An understanding of technical concepts and are an avid learner of new technology
Eligibility to work for Interac Corp. in Canada in a Full Time Capacity
Technical skills:
Expert knowledge of the different types (application, network, infrastructure, red, purple, etc) of penetration tests and their relevant tests stages
Familiar with penetration test methodologies and frameworks such as NIST, OWASP, TIBER-EU
Experience using Cyber Kill Chain and Mitre ATT&CK frameworks
Working knowledge in computer networks, network security, cyber security, technical writing, risk management, ITSM, SIEM, SOC, VM
Experience with DevSecOps and SDLC processes
Experience in applying threat intelligence to influence penetration test outcomes
Experience in conducting or supporting Incident Response investigations
Knowledge of information security standards, regulations, and legislation such as NIST, ISO 27001/2
Cybersecurity certificates such as CISSP, CEH, OSCP
Interac requires employees to complete a background check that is completed by one of our service providers. We use this service to complete the following checks:
- Canadian criminal record check;
- Public safety verification;
- Canadian ID cross-check;
- 5-year employment verification;
- Education verification; and
- If applicable, Credit Inquiry and Social Media Check
How we work
We know that exceptional people have great ideas and are passionate about their work. Our culture encourages excellence and actively rewards contributions with:
Connection: You’re surrounded by talented people every day who are driven by their passion of a common goal.
Core Values: They define us. Living them helps us be the best at what we do.
Compensation & Benefits: Pay is driven by individual and corporate performance and we provide a multitude of benefits and perks.
Education: To ensure you are the best at what you do we invest in you
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Banking CEH CISSP Compliance Cyber Kill Chain DevSecOps Incident response ISO 27001 MITRE ATT&CK Network security NIST OSCP OWASP Red team Risk management SDLC SIEM SOC Strategy Threat intelligence Vulnerability management
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.