Talent.com
SereneAid
Threat Risk Assessment (TRA) Specialist / Penetration Testing (PT) Specialist – SeniorSereneAid • Halifax Central, NS, ca
Threat Risk Assessment (TRA) Specialist / Penetration Testing (PT) Specialist – Senior

Threat Risk Assessment (TRA) Specialist / Penetration Testing (PT) Specialist – Senior

SereneAid • Halifax Central, NS, ca
5 days ago
Job type
  • Full-time
Job description
Job Description
Threat Risk Assessment (TRA) Specialist / Penetration Testing (PT) Specialist – Senior
Client: Government of Nova Scotia – Cyber Security & Digital Solutions (CSDS)
Project: Land Modernization Initiative (LMI)
Location: Halifax, Nova Scotia (Remote with optional onsite work)
Contract Duration: July 20, 2026 – May 31, 2027
Engagement Type: Competitive-Sourced
Work Arrangement: Remote (with occasional collaboration with CSDS stakeholders)
Project Overview
The Government of Nova Scotia is seeking experienced cybersecurity professionals to support the Land Modernization Initiative (LMI), a major transformation program modernizing the Province’s Land Registry services.
The selected consultants will work closely with the CSDS/LMI Technical Manager, Cyber Security and Risk Management (CSRM) team, and business stakeholders to conduct:
  • Threat Risk Assessments (TRA)
  • Penetration Testing (PT)
  • Security risk analysis
  • Vulnerability assessments
  • Security recommendations and remediation guidance
The initial engagement focuses on the MVS 1.0 release, with potential future work supporting releases 1.1, 1.2, and 1.3.

Requirements

Key Responsibilities
Threat Risk Assessment (TRA)
Scope
  • Identify and document security threats, vulnerabilities, and risks across the Nova Scotia Land Registry ecosystem.
  • Assess people, processes, technologies, communications, and information assets.
  • Evaluate likelihood and business impact of identified risks.
  • Recommend mitigation strategies and security controls.
  • Perform assessments using the NIST SP 800-53 Revision 5 High Baseline framework.
  • Review security certifications and reports including:
    • ISO/IEC 27001
    • ISO/IEC 42001
    • SOC 2 Type II
    • PCI DSS
Activities
  • Conduct workshops and stakeholder interviews.
  • Review system architecture, integrations, and data flows.
  • Analyze operational effectiveness of security controls.
  • Assess compliance across applicable NIST control families.
  • Document threat actors, attack vectors, vulnerabilities, and risk treatments.
  • Produce executive and technical reports.
  • Present findings to senior leadership and project stakeholders.
Penetration Testing (PT)
Scope
Conduct penetration testing against:
  • Web Applications
  • APIs
  • Cloud Environments
  • Networks
  • Mobile Applications
  • Endpoints
Testing Methodologies
  • White Box Testing
  • Grey Box Testing
  • Black Box Testing
Activities
  • Execute penetration testing using industry best practices.
  • Identify, validate, and document vulnerabilities.
  • Analyze prior security testing results.
  • Conduct remediation verification and retesting.
  • Produce executive and technical reports.
  • Immediately escalate Critical vulnerabilities using CVSS standards.
  • Participate in ongoing security assessments and risk management activities.
Required Deliverables
Threat Risk Assessment Deliverables
  • Draft TRA Report
  • Final TRA Report
  • Completed TRA Checklist
  • Risk Response Form
  • Executive Presentation
Penetration Testing Deliverables
  • Final Penetration Testing Report
  • Executive Presentation
  • Remediation Validation / Retest Results
Mandatory Qualifications (Required)
Candidates who do not meet the following requirements should not be submitted.
Threat Risk Assessment Requirements
Mandatory Experience
  • Minimum 3 years of experience conducting Threat Risk Assessments (TRAs) on digital systems.
  • At least one proposed resource must have completed two (2) or more TRAs on digital systems within the last three (3) years.
  • Experience conducting TRAs within Canadian public sector environments.
  • Experience working with:
    • NIST SP 800-53
    • ISO/IEC 27001
    • ISO/IEC 42001
    • SOC 2 Type II
    • PCI DSS
  • Experience assessing:
    • Cloud environments (AWS, Azure)
    • Network infrastructure
    • Enterprise applications
    • Technology platforms
  • Ability to work with business, security, and technical teams.
Mandatory Documentation
  • Criminal Record Check completed within the last six (6) months.
Penetration Testing Requirements
Mandatory Experience
  • Minimum 3 years of experience conducting penetration testing.
  • At least one proposed resource must have completed two (2) or more penetration tests within the last twelve (12) months.
  • Experience conducting penetration testing in Canadian public sector organizations.
  • Strong experience testing:
    • Web applications
    • APIs
    • Cloud environments
    • Networks
    • Enterprise systems
Mandatory Certifications
Tier 1 Certification (Required)
At least one proposed resource must hold one of the following:
  • OSCP (Offensive Security Certified Professional)
  • CREST CRT (Registered Penetration Tester)
Tier 2 Certification (Required)
At least one proposed resource should hold one of the following:
  • CEH Master
  • GPEN
  • CompTIA PenTest+
Mandatory Documentation
  • Criminal Record Check completed within the last six (6) months.
Preferred Qualifications
The following are considered strong assets:
Security Certifications
  • CISSP
  • CISM
  • CRISC
  • OSCP
  • CREST CRT
  • CEH Master
  • GPEN
  • CompTIA PenTest+
Government Experience
  • Previous experience performing Threat Risk Assessments for Canadian government organizations.
  • Previous experience conducting Penetration Testing for Canadian government organizations.
  • Direct experience supporting the Government of Nova Scotia.
  • Familiarity with Government of Nova Scotia cybersecurity standards, risk frameworks, and governance processes.
Technical Skills
Candidates should demonstrate expertise in:
  • Threat Risk Assessment Methodologies
  • Penetration Testing Methodologies
  • NIST SP 800-53 Rev. 5
  • ISO/IEC 27001
  • ISO/IEC 42001
  • SOC 2 Type II
  • PCI DSS
  • Cyber Risk Management
  • Vulnerability Assessment
  • Security Architecture Review
  • Risk Analysis and Treatment Planning
  • Security Control Assessment
  • Cloud Security (AWS / Azure)
  • Application Security
  • Network Security
  • Security Reporting and Executive Presentations
  • CVSS Scoring Framework
Evaluation Highlights
Candidates and vendors will be evaluated based on:
  • TRA experience and expertise
  • Penetration testing experience
  • NIST and security framework knowledge
  • Tier 1 and Tier 2 security certifications
  • Public sector cybersecurity experience
  • Government of Nova Scotia experience
  • Client references
  • Pricing competitiveness
This opportunity is ideal for senior cybersecurity consultants with proven expertise in both Threat Risk Assessments and Penetration Testing within government and highly regulated environments. The successful team will play a critical role in securing one of Nova Scotia's most significant digital modernization initiatives.


Requirements
Mandatory Qualifications (Required) Candidates who do not meet the following requirements should not be submitted. Threat Risk Assessment Requirements Mandatory Experience Minimum 3 years of experience conducting Threat Risk Assessments (TRAs) on digital systems. At least one proposed resource must have completed two (2) or more TRAs on digital systems within the last three (3) years. Experience conducting TRAs within Canadian public sector environments. Experience working with: NIST SP 800-53 ISO/IEC 27001 ISO/IEC 42001 SOC 2 Type II PCI DSS Experience assessing: Cloud environments (AWS, Azure) Network infrastructure Enterprise applications Technology platforms Ability to work with business, security, and technical teams. Mandatory Documentation Criminal Record Check completed within the last six (6) months. Penetration Testing Requirements Mandatory Experience Minimum 3 years of experience conducting penetration testing. At least one proposed resource must have completed two (2) or more penetration tests within the last twelve (12) months. Experience conducting penetration testing in Canadian public sector organizations. Strong experience testing: Web applications APIs Cloud environments Networks Enterprise systems Mandatory Certifications Tier 1 Certification (Required) At least one proposed resource must hold one of the following: OSCP (Offensive Security Certified Professional) CREST CRT (Registered Penetration Tester) Tier 2 Certification (Required) At least one proposed resource should hold one of the following: CEH Master GPEN CompTIA PenTest+ Mandatory Documentation Criminal Record Check completed within the last six (6) months. Preferred Qualifications The following are considered strong assets: Security Certifications CISSP CISM CRISC OSCP CREST CRT CEH Master GPEN CompTIA PenTest+ Government Experience Previous experience performing Threat Risk Assessments for Canadian government organizations. Previous experience conducting Penetration Testing for Canadian government organizations. Direct experience supporting the Government of Nova Scotia. Familiarity with Government of Nova Scotia cybersecurity standards, risk frameworks, and governance processes. Technical Skills Candidates should demonstrate expertise in: Threat Risk Assessment Methodologies Penetration Testing Methodologies NIST SP 800-53 Rev. 5 ISO/IEC 27001 ISO/IEC 42001 SOC 2 Type II PCI DSS Cyber Risk Management Vulnerability Assessment Security Architecture Review Risk Analysis and Treatment Planning Security Control Assessment Cloud Security (AWS / Azure) Application Security Network Security Security Reporting and Executive Presentations CVSS Scoring Framework Evaluation Highlights Candidates and vendors will be evaluated based on: TRA experience and expertise Penetration testing experience NIST and security framework knowledge Tier 1 and Tier 2 security certifications Public sector cybersecurity experience Government of Nova Scotia experience Client references Pricing competitiveness
Create a job alert for this search

Threat Risk Assessment (TRA) Specialist / Penetration Testing (PT) Specialist – Senior • Halifax Central, NS, ca

Similar jobs

Fire Protection Specialist

CBCL LimitedHalifax, Halifax County, CA
Full-time

RJ Bartlett Engineering, a division of CBCL Limited, has decades of experience in fire protection engineering, code consulting, alternative compliance analyses and customer service.With a thorough ... Show more

 • Promoted

Return to Work Specialist

Irving ShipbuildingHalifax, Halifax County, CA
Full-time

The RTW Specialist leads case management to support successful return-to-work and stay-at-work outcomes through an employee-centered approach.By partnering with employees, managers, unions, HR/LR, ... Show more

 • Promoted

Manager, Technology and Cyber Risk

Manulife FinancialHalifax, Halifax County, CA
Full-time

Manulife is seeking an experienced Manager, Technology & Cyber Risk Standards Governance to drive consistent, scalable, and effective risk management standards and practices across the enterprise.T... Show more

 • Promoted

Field Operations - Training & Quality Specialist

EastlinkHalifax, Halifax County, CA
Full-time

Field Operation - Training & Quality Specialist.Location: Young Tower, 6080 Young Street, Halifax, NS.On-site: working all 5 days per week in the Office.Eastlink is a family owned, entrepreneurial ... Show more

 • Promoted

Food Safety & Compliance Specialist

Rentokil InitialHalifax, Halifax County, CA
Full-time +1

Steritech Brand Standards is proud to be a member of the Rentokil family of companies in North America the global leader in pest control.The company has experienced significant growth, doubling in ... Show more

 • Promoted

Insurance Sales & Risk Advisory Specialist

GTR WorldwideHalifax, Halifax County, CA
Full-time

A leading insurance provider located in Halifax is seeking an Insurance Sales Representative to develop and maintain client relationships, suggest risk management strategies, and manage insurance c... Show more

 • Promoted

Trigonometry Private Tutoring Jobs Lake of the Woods East Shore

SuperprofLake of the Woods East Shore, Canada
CA$20.00 hourly
Full-time +1

Superprof is Canada's #1 tutoring platform, and we're actively recruiting passionate tutors! Whether you're a student, a professional, or simply someone who loves teaching, join the largest communi... Show more

 • Promoted

Technician, Integrated Pest Management

CAPREITHalifax, Halifax County, CA
Full-time

Technician, Integrated Pest Management.Team Lead, Integrated Pest Management.The Technician, Integrated Pest Management implements treatment plans, performs pest inspections, and documents findings... Show more

 • Promoted

Strategy Consultant - Health

AccentureHalifax, Halifax County, CA
Full-time

Accenture is a leading global professional services company, providing a broad range of services in strategy and consulting, technology and operations, with digital capabilities across all of these... Show more

 • Promoted

Project Manager, Credit Risk & Capital Markets - GFT Halifax

0000050007 Royal Bank of CanadaHalifax, Halifax County, CA
Full-time

The Market and Counterparty Credit Risk portfolio includes strategic initiatives and other projects supporting credit and market risk space, sponsored by Group Risk Management and Capital Markets.I... Show more

 • Promoted

Return to Work Specialist

J.D. IrvingHalifax, Halifax County, CA
Full-time

The RTW Specialist leads case management to support successful return-to-work and stay-at-work outcomes through an employee-centered approach.By partnering with employees, managers, unions, HR/LR, ... Show more

 • Promoted

Manager, Financial Crimes Oversight Testing U.S.

RBCHalifax, Halifax County, CA
Full-time

This role will conduct financial crimes oversight testing on US business units’ AML controls.This requires proactive participation with oversight scoping, fieldwork, and reporting.The role will pre... Show more

 • Promoted

Food Safety & Compliance Specialist | Travel & Growth Path

Rentokil InitialHalifax, Halifax County, CA
Full-time

A leading pest control company is seeking a Food Safety & Compliance Specialist in Halifax.The role includes conducting food safety assessments and coaching clients on best practices.Candidates sho... Show more

 • Promoted

Senior Environmental Assessment Specialist

Stantec Consulting International Ltd.Halifax, Halifax County, CA
Permanent

Grounded in safety, quality, and ethics, our experts lead their fields with dedication, a creative spirit, and a vision for growth.We draw from more than 20 technical specialties worldwide and are ... Show more

 • Promoted

Senior Consultant, Health Equity Safety & Wellness Portfolio

IWK HealthHalifax, Halifax County, CA
Permanent

Senior Consultant, Health Equity Safety & Wellness Portfolio.IWK Health is a respected academic health sciences centre located in Halifax, Nova Scotia, providing care to millions annually.We focus ... Show more

 • Promoted

ITIL compliance specialist

FX Innovation, a Bell Canada CompanyHalifax, Halifax County, CA
Full-time

Be among the first 25 applicants.Get AI-powered advice on this job and more exclusive features.Ensure compliance with ITIL processes, including Incident Management, Problem Management, Change Manag... Show more

 • Promoted

Food Safety & Compliance Specialist

Rentokil Pest Control South AfricaHalifax, Halifax County, CA
Full-time +1

Steritech Brand Standards is proud to be a member of the Rentokil family of companies in North America the global leader in pest control.The company has experienced significant growth, doubling in ... Show more

 • Promoted

Signals Intelligence Specialist

Canadian Armed Forces | Forces armées canadiennesHalifax, Halifax County, CA
Part-time

As a member of the military, Signals Intelligence Specialists intercept and analyze electronic transmissions, including foreign communications.They also protect Government of Canada computer networ... Show more

 • Promoted

Cyber Security Analyst - Halifax

DaviesHalifax, Halifax County, CA
Full-time

Cyber Security Analyst - Halifax.Application Deadline: 28 November 2025.Department: Risk and Compliance.Reporting to: Lead Cyber Security Engineer.Managing alerts within the group’s security toolin... Show more

 • Promoted

Pet Trainer

PetSmartHalifax, Halifax County, CA
Full-time

PetSmart does Anything for Pets and Everything for You – JOIN OUR TEAM!.At PetSmart, we’re more than just a company.We believe when our associates are happy and healthy, they can provide the best p... Show more