Security Tester (Penetration Testing), Deloitte Global Technology
Job Type: Permanent
Reference code: 123683
Primary Location: Toronto, ON
All Available Locations: Vancouver, BC; Ottawa, ON; Saskatoon, SK; Toronto, ON; Victoria, BC; Windsor, ON; Winnipeg, MB
At Deloitte, we are driven to inspire and help our people, organization, communities, and country to thrive. Our Purpose is to build a better future by accelerating and expanding access to knowledge. Purpose defines who we are and gives us reason to exist as an organization.
By living our Purpose, we will make an impact that matters.
- Enjoy flexible, proactive, and practical benefits that foster a culture of well-being and connectedness.
- Experience a firm where wellness matters.
- Be expected to share your ideas and to make them a reality
Do you thrive on developing creative and innovative insights to solve complex challenges? Want to work on next-generation, cuttingedge products and services that deliver outstanding value and that are global in vision and scope? Work with premier thought leaders in your field? Work for a world-class organization that provides an exceptional career experience with an inclusive and collaborative culture?
What will your typical day look like?
As part of the Global Cybersecurity team, responsibilities will be to work with customers to deliver technical assessments against a broad range of services. You will use your strong communication skills to provide consultative guidance to customers on findings identified, how to effectively engage services and the available
- Evolve and enhance approach for managing customer requests and queries for technical testing
- Support the integration of testing analysis across disciplines to improve testing exercises and improve end
- product to our customers
- Assist in technical scoping of security testing activities
- Curate and assessment of vulnerability data (across multiple platforms/tools)
- Typical security testing activities:
- Software/Web Application/Web Services/ penetration testing
- API penetration testing
- Network Penetration Testing
- Mobile Application Penetration Testing
- Thick Client Penetration Testing
- Architecture Security Analysis and Threat Modeling as required
- Provide technical guidance in supporting member firms in conducting necessary remedial actions and responding to client vulnerability questions or disclosures
- Help develop tooling deployment and relevant scanning configurations to enhance practical testing processes
- Operate in the wider organization to drive risk reduction goals and in the continuous improvement vulnerability related service
About the team
At Deloitte, we expect results. Incredible—tangible—results. And Deloitte Global professionals play a unique role in delivering those results. We reach across disciplines and borders to serve our global organization. We are the engine of Deloitte. We develop and lead global strategies and provide programs and services that unite our network. In Deloitte Global, everyone has an opportunity to lead. We see the importance of your perspective and your ability to create value. We want you to fit in—with an inclusive culture, focus on work-life fit and well-being, and a supportive, connected environment; but we also want you to stand out—with opportunities to have a strategic impact, innovate, and take the risks necessary to make your mark. Deloitte Global supports our talented professionals in answering the question: What impact will you make?
The Deloitte Global Cybersecurity function is responsible for enhancing data protection, standardizing and securing critical infrastructure, and gaining cyber visibility through security operations centers. The Cybersecurity organization delivers a comprehensive set of security services to Deloitte’s global network of firms around the globe.
Enough about us, let’s talk about you
You are someone with:
- At least 2 years’ experience working in a professional environment preferably as part of an operational security function (app testing)
- Experience in network penetration testing
- OWASP Top Ten
- Familiarity with software security weakness and vulnerabilities
- Must be able to work under pressure and produce content to tight timelines
- Excellent planning skills
- Demonstrated experience working with diverse stakeholders, preferably on a global multi-national basis
- Bachelor’s degree in a business or cyber security domain; or Candidates with relevant work experience in an appropriate field
- Experience in any of the following platforms would be highly beneficial; Burp, Kauli Linux (must have), Nmap, ServiceNow, Qualys,Kenna, Fortify
- Ability to communicate strategic information security topics, policies and standards as well as risk-related concepts to technical and
- nontechnical audiences
- Threat modeling experience
- Scripting experience (Power shell, Python)
- Sound knowledge of common infrastructure and web application vulnerabilities and common vulnerability categorizations such as OWASP, CVSS
- Secure DevOps experience
- Knowledge of ticketing and tracking tools such as Service Now – Security Operations
Our promise to our people: Deloitte is where potential comes to life.
Be yourself, and more.
We are a group of talented people who want to learn, gain experience, and develop skills. Wherever you are in your career, we want you to advance.
You shape how we make impact.
Diverse perspectives and life experiences make us better. Whoever you are and wherever you’re from, we want you to feel like you belong here. We provide flexible working options to support you and how you can contribute. Be the leader you want to be.
Be the leader you want to be
Some guide teams, some change culture, some build essential expertise. We offer opportunities and experiences that support your continuing growth as a leader.
Have as many careers as you want.
We are uniquely able to offer you new challenges and roles – and prepare you for them. We bring together people with unique experiences and talents, and we are the place to develop a lasting network of friends, peers, and mentors. Our TVP is about relationships – between leaders and their people, the firm and its people, peers, and within in our communities.
The next step is yours
At Deloitte, we are all about doing business inclusively – that starts with having diverse colleagues of all abilities. Deloitte encourages applications from all qualified candidates who represent the full diversity of communities across Canada. This includes, but is not limited to, people with disabilities, candidates from Indigenous communities, and candidates from the Black community in support of living our values, creating a culture of Diversity Equity and Inclusion and our commitment to our AccessAbility Action Plan, Reconciliation Action Plan and the BlackNorth Initiative.
By applying to this job you will be assessed against the Deloitte Global Talent Standards. We’ve designed these standards to provide our clients with a consistent and exceptional Deloitte experience globally.
Deloitte Canada has 30 offices with representation across most of the country. We acknowledge our offices reside on traditional, treaty and unceded territories as part of Turtle Island and is still home to many First Nations, Métis, and Inuit peoples. We are all Treaty people.