NetSPI

Senior Security Consultant (Web Application Penetration Tester)

NetSPI$90K — $130K *
Toronto, ON M3C 0E3In-Person
Information Technology
Less than 5 years of experience
Today
Be an Early Applicant
Job Overview by Ladders

Qualifications

  • Bachelor's degree in IT, Computer Science, Engineering, Math, or equivalent experience
  • 3-5 years of experience in Penetration Testing
  • Familiarity with offensive tools (Kali Linux, Burp Suite, Metasploit, Nessus)
  • Extensive understanding of OWASP Top 10 and MITRE ATT&CK framework
  • Working knowledge of Windows, Linux, and MacOS internals
  • Experience mentoring or coaching team members
  • Proficient written and verbal communication skills

Responsibilities

  • Conduct penetration testing on web applications and APIs independently
  • Review reports for technical accuracy and provide oversight
  • Create and collaborate on detailed penetration testing reports
  • Research and develop new techniques and tools for testing
  • Support testing and management strategies for key clients
  • Perform administrative tasks to ensure smooth operations

Benefits

  • Opportunity to work with diverse client environments
  • Chance to develop and innovate penetration testing methodologies
  • Collaboration with a skilled team on security best practices
  • Mentorship opportunities to guide and support junior team members
  • Flexibility with occasional remote work and travel options
Full Job Description
Join the mission asa Senior Security Consultant.We are seeking a skilled and detail-oriented Penetration Tester to conduct thorough security assessments, identify vulnerabilities, and provide expert recommendations to strengthen our clients' security posture. As a Penetration Tester supporting web applications, you will work closely with clients to deliver clear, actionable reports and contribute to the development of security best practices.

Responsibilities:

  • Conduct engagements onweb applications and underlying APIsindependently and providetechnical oversight

  • Review reports for accuracyintechnical oversight, perform weekly QA oversight, and provide mentoring supportto others

  • Create, deliver, and collaborate on penetration testing reports in diverse client environments,maintainingclient-specific processes, reporting standards, and access protocols to help improve their security posture

  • Research and develop innovative techniques, tools, and methodologies for penetration testing services, alongside commitment to improvement and execution on NetSPI specific products and processes

  • Participate in development, implementation, and oversight of testing, delivery, and management strategies for key client accounts

  • Perform administrative tasks related to day-to-day consulting activities to ensure smooth business and engagement operations.


Minimum Qualifications:

  • Bachelor's degree or higher, with a focus on IT, Computer Science, Engineering or Math or equivalent experience

  • Minimum of3-5 years ofworkexperience inPenetrationTesting

  • Familiarity with offensive tools, based on applicable skillset (e.g., Kali Linux, Burp Suite, Metasploit, Nessus)

  • Familiarity with offensive and defensive IT conceptsand protocols

  • Extensive understanding of the OWASP Top 10, MITRE ATT&CK framework, and various security frameworks.

  • Working knowledge of Windows,Linuxand MacOS operating systems internals

  • Experience mentoring or coaching to growing team members, while sharing knowledge externally through blogs, hosting webinars, or presenting at conferences

  • Ability to work independently and as part of a team

  • Proficient communication skills, both written and verbal

  • Willingness to travel up to5-10%

  • This position requires an 8-hour workday, with occasional evenings or weekends necessary to meet project deadlines or critical needs


Preferred Qualifications:

  • Ability to provide technical and QA oversight onweb applications and underlying APIs.

  • Experience in one or more of the following programming or scripting languages (e.g., Ruby, Python, Perl, C, C++, Java, and C#)

  • Offensive cybersecurity certifications(e.g.,GXPN, GPEN, OSCP, GWAPT)

About NetSPI

NetSPI is a leading provider of application and network security testing solutions that support organizations in scaling and operationalizing their security programs. The company's solutions are designed to help businesses identify vulnerabilities and prioritize remediation efforts to reduce risk. NetSPI's offerings include penetration testing, vulnerability management, and application security testing services. The company serves clients across a range of industries, including financial services, healthcare, and retail.
Learn more about NetSPI
Size
500 employees
Industry
Information Technology
Founded
2001
5 Year Trend
+50%
Revenue
$30 million
* Ladders Estimates

Similar Jobs

Ad banner background

Get Ready For Your
Next Interview

More Jobs at NetSPI

More Information Technology Jobs

Find similar Senior Security Consultant (Web Application Penetration Tester) jobs:

NationwideToronto, ON