View all jobs

Consultant - Penetration testing

Laval, Québec
About us
OKIOK is a cybersecurity innovation firm that operates on different levels: consulting, solution development, penetration testing and incident response. We recruit the best in the industry to build a dynamic team that uses the latest technologies to serve our clients and counter emerging cyberthreats.

Here are some good reasons to become an okiokois:
  1. Competitive salaries with annual bonus
  2. Enjoy schedules that value work-life balance, and a committee ensuring well-being and job satisfaction
  3. Being in a relaxed environment, surrounded by pentest’s enthusiasts
  4. Working on a variety of one-of-a-kind projects
  5. Banking your hours, never work at your expense
  6. Access paid training and certifications
  7. Participate in CTFs with the team each year
  8. Working with cutting edge technologies such as escape techniques, Miter Att&ck framework, red teaming, and many others
  9. Work with recognized experts and develop your skills through mentoring
  10. Game night, 5@7, team activities, barbecue and more!
Here's what's in store for you:
Provide consulting services in IT security, particularly penetration testing
  • Analyze and exploit vulnerabilities in specific IT environments;
  • Propose and/or implement measures to address and/or manage vulnerabilities identified in projects;
  • Write documentation of penetration testing activities;
  • Watch out for new trends and threats;
  • Identify and validate security incidents;
  • Put in place measures to deal with and/or manage incidents and compromised systems.
Supporting professional services management processes
  • Provide input for potential candidates interviewed for positions to be filled;
  • Provide technical resources to pass on and/or upgrade the knowledge required to meet  performance expectations;
  • Accompany the resources working for the business development and/or other relevant internal stakeholders to support them in their discussions with clients.
Participate in project delivery activities
In some interventions where the presence of a project manager is not needed, the following activities may be requested from the consultant:
  • Participate in the preliminary analysis of pentesting test warrants to identify the expert, material and physical resource requirements required;
  • Participate in meetings with members of the operation team (internal and/or external) to review the status of the project.
  • Good knowledge of various tools used to perform penetration tests:
    • Vulnerability;
    • Proxy Web (web application tests);
    • Post-operating tool;
    • Tools to capture and break access codes;
    • Tools related to windows domain security.
  • In-depth knowledge of Windows, Mac, Linux systems;
  • In-depth knowledge of cloud environments;
  • Knowledge of Reverse Engineering  (an asset);
  • Good knowledge in at least three (3) of the following areas:
    • Web applications;
    • Application code review;
    • Wireless networks (Wifi);
    • Mobile apps;
    • Security of operating systems;
    • Database security;
    • Security of virtualization infrastructure;
    • Network technology security;
    • Security of cloud environments;
    • Physical intrusion tests;
    • Social engineering;
    • Denial-of-service tests.
  • Undergraduate university education in computer science or equivalent;
  • Graduate university training in information security or equivalent is an asset;
  • Practical experience in information security for at least 4 years;
  • Practical, professional and recent experience in penetration testing for at least 2 years;
  • Experience in coordinating specialized teams is an asset;
  • Autonomous and demonstrates initiative in its actions;
  • Demonstrated ability to write analysis reports;
  • Innovative spirit;
  • Intellectual curiosity (aware of the latest technologies);
  • Very good learning ability;
  • Ability to make quick decisions in a changing environment;
  • Ability to interact with people from different backgrounds;
  • Ability to write documents in a clear and structured manner;
  • Excellent sense of organization, analytical and synthesis;
  • Ability to work as a team;
  • Being able to work under pressure
  • Bilingualism spoken and written.
Certifications (Assets)
  • Computer Hacking Forensic Investigator (CHFI)
  • GIAC Certified Penetration Test (GPEN)
  • GIAC Web Application Penetration Tester (GWAPT)
  • Offensive Security Certified Professional (OSCP)
  • Offensive Security Certified Expert (OSCE)
  • Certified Secure Software Lifecycle Professional (CSSLP)
Sarah Vigeant
Responsable des ressources humaines
450 681-1681 poste 245

More Openings

Spontaneous Application

Share This Job

Powered by