Requisition ID: 103229Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.
Scotiabanks Cyber Security Red Team is responsible for delivery of Offensive Security services across Scotiabank Globally, such as Covert Attack Engagements, MITRE ATT&CK Testing, Control Resiliency Assessments, and traditional application and network Penetration Testing.
The Cyber Security Red Team (CSRT) is looking for a web and/or mobile application penetration tester to join our internal Penetration Testing Team, and work collaboratively with our service management group to support and ensure the delivery of our annual regulatory, and release driven penetration testing programs in alignment with CSRTs mission and the Banks Global Security Strategy.
As a Penetration Tester, you can expect to support 15 40 engagements annually, as either the lead tester executing the engagement, or through assessment oversight where you may support scoping of third-party lead engagements, or support and review deliverables by junior team members. Engagements performed by the Cyber Security Red Team members will typically range 2 – 10 weeks in duration, completed sequentially over the course of the year.
Is this role right for you?
This role is ideal for experienced penetration testers who are looking to further develop their expertise and skills.
You adhere to strong morale and ethical standard
You have a natural curiosity for how things work, exploring unknowns, and unafraid to test perceived limitations.
You take initiative and dedicate time to continuing your education, practising your craft and honing your skills.
You have strong customer service skills
Do you have the skills that will enable you to succeed in this role?
Candidates should have 3+ years of experience performing penetration tests
The ideal candidate has achieved multiple industry certifications, and at least one advanced level certifications (OSCP, OSWE, GWAN, OSWP, or equivalent).
Able to develop executive level reports, write penetration testing reports and executive summaries with minimal error or edits
Ability to execute testing engagements against complex projects and systems
Experienced in developing custom tooling, leverage whitepapers and online resources to enhance testing
Possesses an in-depth understanding of testing methodologies, within their area of expertise. (ex OWASP Web & Mobile testing methodologies and OSSTMM, and the MITRE ATT&CK Framework.)
You possess strong communication (verbal/written/presentation) skills in English. The same in Spanish is a strong asset.
What’s in it for you?
Joining the Bank of Nova Scotias Cyber Security Red Team will enable you to rapidly accelerate your cyber career, by providing a wide range of opportunities and experiences to learn from, in addition to professional training and experiences.
The Cyber Security Red Team department offers the ability to advance internally from an associate level, to specialized disciplines within the Offensive Security field.
As an inhouse team member, you will have the opportunity to work in a diverse team, that encourages team work, and provides learning opportunities, time for knowledge sharing.
We offer flexible work arrangements, with the ability to work from home.
We offer a competitive total rewards package, including a performance bonus, company matching programs (pension & Employee Share Ownership), generous vacation; health/medical/wellness benefits; employee banking privileges.
The primary office in Scarborough is freshly renovated with a design focus on enabling collaboration through both environment and technology.
Onsite cafeteria plus complimentary hot beverage stations in the workplace.
Minutes by TTC bus from Warden subway station on Line 2.
Free employee shuttle service connecting the IT campus with nearby GO stations.
Minutes from the 401 & DVP.
Free onsite & offsite employee parking with charging stations for electric vehicles onsite
Location(s): Canada : Ontario : Scarborough Scotiabank is a leading bank in the Americas. Guided by our purpose: “for every future”, we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets. At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.