Penetration Tester

Software Secured is a leading Penetration Testing as a Service (PTaaS) company, with a head office in beautiful Ottawa, Canada. We help software development teams get ahead of hackers, using a suite of cybersecurity services and products. Software Secured focuses on helping startups, scaleups, and SMBs comply with industry-specific Governance, Risk and Compliance frameworks (SOC 2, ISO27001 & PCI DSS, HIPAA, etc), prove security maturity to enterprise buyers with stringent security requirements and gain peace of mind that their most sensitive company assets have been secured.

‍The Role

As a Penetration Tester at Software Secured, you will have the opportunity to help our clients secure their mission-critical applications. This includes performing security code review, web, mobile, and network security tests. Help clients with security design reviews, threat modelling, and remediation strategies.

This is a remote, full-time permanent role. However, you must be located in Canada, either a Canadian citizen or a PR holder.

Key Responsibilities:

\* Oversee compliance at Software Secured by managing compliance projects from start to finish, with a focus on achieving SOC2 Type 2 certification and CREST accreditation.

\* Take ownership of Software Secured’s security and compliance obligations, centralizing the management and serving as the liaison between departments.

\* Work with Sales and Engineering to ensure smooth operations and seamless project delivery, which includes project management, liaising and initiatives to create processes and workflows to ensure client satisfaction.

\* Optimize Software Secured’s calendar utilization by coordinating with the Pentest Director, proactively engaging with clients, and implementing creative strategies to maximize scheduling efficiency.

\* Participate in sales activities to advance strategic accounts by positioning Software Secured’s services as a key component of the client’s security strategy. What we are looking for:

\* Bachelor’s degree in a technical field or equivalent experience in information and network security.

\* 5+ years of experience managing cybersecurity consulting projects.

\* Experience with Threat & Risk Assessment & Privacy Impact Assessments.

\* Knowledge of GRC regulations and frameworks (SOC 2, ISO27001 etc.)

\* Experience managing multi-disciplinary and cross-functional teams with considerable decision-making autonomy.

\* Experience building and maintaining relationships with internal and external stakeholders, withan ability to keep the focus on priority issues, and balancing process vs. flexibility.

\* Ability to support and influence client expectations.

\* Demonstrated experience identifying service improvement practices, streamlining and developing new processes and best practices to drive implementation excellence.

\* Excellent communication, strategic thinking, and time management skills.

What we are offering:

🤑 Competitive base salary

🍁 Work remotely from anywhere in Canada (you're welcome to work in the Ottawa office when you prefer).

🌍 Work remotely from anywhere in the world for up to 2 months per year.

💰 Yearly profit-sharing between 5 - 12% of your base salary, based on your performance.

💸 Perks such as: monthly UberEats budget, annual home office stipend.

🌴 3 weeks of vacation to start. Additionally, the whole company is off for the week between Christmas and the New Year.

🍼 Parental, bereavement and child loss leave.

🏥 You will receive a comprehensive health benefits package (including dental, vision, and practitioner coverage, among others).