Remote Senior Security Consultant (Secure Code Review + Web Application PenTest)

at Jobgether

Description:

  • The position is for a Senior Security Consultant specializing in Secure Code Review and Web Application Penetration Testing, located in Canada.
  • This role involves conducting secure code reviews and penetration tests for a diverse range of clients.
  • The consultant will work remotely in a collaborative and innovative environment, utilizing the latest security technologies and methodologies.
  • Responsibilities include performing in-depth penetration testing and secure code review assessments on various web applications.
  • The consultant will dynamically exploit vulnerabilities in codebases and correlate insecure coding practices to application vulnerabilities.
  • Delivering secure code reviews in multiple programming languages such as Java, C#, Python, C/C++, Perl, and PHP using both automated and manual analysis tools is required.
  • The role includes training and assisting development teams on secure coding practices and vulnerability remediation.
  • Providing quality assurance oversight and mentoring peers on service delivery and skill development is expected.
  • The consultant will present detailed findings to clients and support remediation planning.
  • Conducting research to develop new testing methods, tools, and exploit techniques is part of the job.
  • Maintaining accurate administrative records, including timekeeping and status updates, is necessary.

Requirements:

  • Candidates must have 3 to 5 years of experience in application security, including secure code review and web application penetration testing.
  • Expert proficiency with Burp Suite is required, with extension development preferred.
  • A strong knowledge of OWASP Top 10 and CWE Top 25 vulnerabilities, along with practical experience identifying and mitigating risks in source code, is essential.
  • The ability to effectively communicate technical risks and business impacts to diverse audiences is necessary.
  • A Bachelor’s degree or higher in Computer Science, Engineering, IT, or a related field is required; equivalent experience will be considered.
  • Willingness to travel up to 25% is expected.
  • Preferred qualifications include experience providing technical and QA oversight, strong skills in at least two programming languages (Java, C#, PHP, Python, C/C++), and software development experience in server-side languages.

Benefits:

  • The position offers a competitive salary and a comprehensive benefits package.
  • There is a flexible remote work arrangement available within Canada, with a preference for Ontario.
  • Opportunities for professional growth and skill development are provided.
  • The work environment is collaborative, supportive, and innovative.
  • Employees will have exposure to cutting-edge cybersecurity tools and industry-leading practices.
  • The company is an equal opportunity employer committed to diversity and inclusion.