Principal Penetration Tester

Requisition ID: 134624

Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.

The Team

The role:
The Cyber Security Red Team (CSRT) is looking for a Senior Principal Penetration Tester, with expertise in network penetration testing and experience conducting Red Team engagements, to join our internal penetration testing team. As a Senior Principal resource, you will be responsible for leading testing practices within your core areas of expertise, and accountable for the delivery of technical services within your domain. Collaborating with the CSRT Service Management Team, responsible for overall engagement oversight and coordination,you will ensure services are delivered in alignment with CSRT's mission, and the Bank's Global Security Strategy.

As a Senior Principal Penetration Tester, you can expect to support 15 - 40 engagements annually, as either the lead tester, or through assessment oversight where supporting more junior team member and third-party lead engagements.

Is this role right for you?

This role is ideal for professional penetration testers who are interested in on a leadership role, and helping to build and mature the Bank's Red Team Program.
You take initiative and dedicate time to continuing your education, practising your craft and honing your skills.
Patient, and seek to share knowledge and coach junior team members.
You have strong customer service skills

Do you have the skills that will enable you to succeed in this role?

This role is ideal for penetration testing professionals with + 5 Years experience in penetration testing, and +10 years experience in Information Security overall.
Experienced and familiar with defensive technologies, and able to identify organizational level control gaps, and articulate risk & recommendations to resolve.
Possesses strong leaderships skills, and able to provide technical coaching to junior team members.
Experienced in developing custom tooling, and leverage whitepapers and online resources to enhance testing practices for the team.
Possesses an in-depth understanding of testing methodologies, within their area of expertise. (ex

OWASP Web & Mobile testing methodologies and OSSTMM, and the MITRE ATT&CK Framework.)
You possess strong communication (verbal/written/presentation) skills in English, and able to develop and presentexecutive ready reports and presentations. The same in Spanish is a strong asset.

What's in it for you?

Joining the Bank of Nova Scotia's Cyber Security Red Team will enable you to enhance yourcyber career by providing a wide range of opportunities and experiences to learn from, in addition to professional training.
The Cyber Security Red Team encourages personal development of both technical and soft skills in alignment with personal development goals and career objectives, and offers advancement based on personal capabilities.
As an inhouse team member, you will have the opportunity to work in a diverse team, that encourages team work, and provides learning opportunities, and time for knowledge sharing and individual projects.
We have no stuffy dress codes; casual attire is welcome.
We offer flexible work arrangements, with the ability to work remotely.
A competitive total rewards package, including a performance bonus, company matching programs (pension & Employee Share Ownership), generous vacation; health/medical/wellness benefits; employee banking privileges.
Free onsite & offsite employee parking with charging stations for electric vehicles onsite

IN-TECH

Location(s):Canada : Ontario : Scarborough

Scotiabank is a leading bank in the Americas. Guided by our purpose: ''for every future'', we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.

JOB TYPE

Work Day:Full Time

Employment type:Permanent Job

Salary:Negotiable

JOB REQUIREMENTS

Minimal experience:Unspecified