Job DescriptionWhat Will You Do?- Execute web and mobile application testing with a focus on digital crime scenarios in mature production environments.
- Actively participate in the full lifecycle of projects - from idea development and proposal writing to execution and stakeholder debriefs.
- Mentor and provide technical guidance to junior team members.
- Help evolve and improve team processes and service offerings.
What Do You Need to Succeed?Must-Have- 5+ years in cybersecurity, with offensive web and mobile application experience
- One or more, OSCP, OSCE, OSMR, CRTO, other reputable technical certifications or related to AI security
- OSWE, BSCP and other reputable technical certifications or related to web application security
- Mobile application and device testing experience for Android and iOS
- Deep understanding of web application and offensive security testing techniques, including: OWASP Web Security Testing Guide and OWASP Mobile Application Security Testing Guide (MASTG)
- Working knowledge of programming languages and frameworks including but not limited to JavaScript, SQL, AngularJS, Node.js, React, etc.
- Familiarity with web services and data exchange formats such as JSON, SOAP, REST, and XML
Nice-to-Have- Purple and AI Red Teaming experience
- Experience in the financial sector
- Programming/scripting experience in Python, C#, C/C++
- Building and managing C2 infrastructure
- Social engineering tactics
- Exploitation across operating systems, applications, and devices
What's in It for You?Join a team that operates in complex, high-impact environments. Work with passionate offensive security professionals and take your skills to the next level through public and private training opportunities. Every team member has access to adedicated annual training budget, and we frequently arrange private team training sessions to explore advanced topics with direct guidance from industry leaders.
Recent team trainings include (many delivered privately to our team):
- AI Red Teaming - DreadNode
- AI Red Teaming - Learn Prompting
- Red, Blue, Purple AI / Attacking AI - Arcanum Security
- Offensive Entra ID - Outsider Security (Dirk-Jan Mollema)
- Mac Tradecraft / Red Team Ops / Vulnerability Research - SpecterOps
- Dark Side Ops 2 - NetSPI
- OSCP / OSED / OSMR - Offensive Security
- ... and more
We value growth, collaboration, and innovation. At RBC, we're committed to your success.
You'll benefit from:- A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable
- Flexible benefits and hybrid work environment
- Leadership that supports your development
- Opportunities to make meaningful impact
- A high-performing, collaborative, and inclusive team environment
- Increasing responsibility and growth opportunities
- Close collaboration with other cybersecurity teams
We don't just support growth - we invest in it.
Job SkillsApplication Security, Confidentiality, Cyber Security Management, Decision Making, Detail-Oriented, Encryption Software, Group Problem Solving, High Impact Communication, Information Security Management, Information Technology Security, Open Web Application Security Project (OWASP), Red Teaming, Security Testing, Social Engineering, Strategic Thinking, Web Application Security
Additional Job DetailsAddress:16 YORK ST:TORONTO
City:Toronto
Country:Canada
Work hours/week:37.5
Employment Type:Full time
Platform:TECHNOLOGY AND OPERATIONS
Job Type:Regular
Pay Type:Salaried
Posted Date:2026-06-15
Application Deadline:2026-07-03
Note: Applications will be accepted until 11:59 PM on the day prior to the application deadline date above
