Position Description:
The Penetration Testing and Vulnerability Management Consultant is responsible for certain key functions within the Payroll Service Center (PSC)’s Security and Fraud Management team, including managing penetration testing, active threat hunting, and vulnerability management. He or she also provides support for other functions such as incident management and security in projects.
The PSC is a leading provider of payroll services for numerous clients across Canada. We play a key role in the Canadian economy. Cybersecurity and fraud management are therefore areas of critical importance. Working in the PSC’s Security and Fraud Management team also offers the opportunity to explore many areas and develop expertise in cybersecurity. This position reports directly to the PSC Director of Security and Fraud Management.
This position requires autonomy, strong cybersecurity knowledge, and the ability to learn new skills. It is also important to have strong communication skills and the ability to build good relationships with other teams.
Your future duties and responsibilities:
MAIN RESPONSIBILITIES
- Managing offensive testing
- Active threat hunting
- Vulnerability management
- Incident management support
- Security support for projects.
Penetration Testing (Red Teaming)
- Planning and coordinating penetration tests based on a principle of rotating targets and continuous testing
- Supporting the execution of corporate security tests (vulnerability scans and other tests as needed)
- Assisting project teams with conducting DAST (BurpSuite Enterprise) and SAST (SonarQube) tests, and, as needed, independently conducting light penetration tests
- Conducting “retests” to verify that certain vulnerabilities identified as fixed have been properly addressed
- Analyzing test results, re-evaluating severity levels, and verifying false positives
- Periodically conducting light, independent penetration tests on random targets, following a methodology approved by stakeholders
- Occasional participation in specialized conferences, penetration testing competitions, or other activities to maintain an adequate level of expertise in offensive testing
- Reporting and sharing relevant information with stakeholders affected by the results of offensive testing.
Active Threat Hunting
- In collaboration with the SOC Manager, analyze specific alerts and alert trends to determine whether certain attack patterns exploit vulnerabilities or security flaws that require remediation. This involves conducting periodic analyses using various monitoring tools: SIEM, WAF, DLP, Defender, etc.
- Note: This does not involve taking responsibility for handling alerts, but rather identifying attack patterns that may require preventive actions or vulnerability fixes.
Vulnerability Management
- Ensure that identified vulnerabilities are properly documented, tracked, and prioritized, with a remediation plan that has been approved by stakeholders
- Contribute expertise and provide recommendations for vulnerability remediation
- Ensure that vulnerability remediation is also properly documented and validated
- Sources for identifying vulnerabilities may include: SAST and DAST testing, penetration testing, compliance audits, anomalies detected by users or associates, configuration reviews, vulnerability scans, external bug bounty researchers, etc.
- Develop dashboards and metrics on vulnerabilities and their severity.
Incident Management Support
- Participate in incident management: investigations, containment, implementation of corrective actions, documentation, and post-incident analysis.
Project Security Support
- Assist specific projects and teams with implementing security measures: asset classification, risk analysis, security recommendations, planning and coordinating security testing, and tracking vulnerabilities and issues requiring correction.
The consultant may also assist with or lead any related tasks assigned by their manager.
Required qualifications to be successful in this role:
REQUIRED QUALIFICATIONS
- Degree in risk management, cybersecurity, computer science, or related fields
- At least two years of experience in cybersecurity
- Experience participating in or coordinating offensive security testing
- Strong written and verbal communication skills. Ability to communicate effectively with technical and non-technical audiences, senior management, and operational staff
- Leadership skills to successfully complete projects requiring the coordination of multiple teams
- Ability to work independently and organize tasks effectively
- Fluent French (written and spoken) required; functional English necessary
- Ability to work under pressure in a critical environment
- Ability to anticipate risks and propose concrete solutions
- Ability to collaborate effectively within a team.
CGI provides a reasonable estimate of the salary range for this position. This range is calculated based on various factors, including skill level, geographic market, experience, education, and professional licenses and certifications. Compensation decisions are made on a case-by-case basis. A reasonable estimate of this salary range is between $60, and $,. This position is currently open.
Skills:
- English
- French
- Analytical Thinking
- Customer Service & Support