Security Analyst / Penetration Tester

Suncor - Calgary, Canada

Job Description Back

Job ID 20805

We know that in today's world, it’s important that technology is available, protected and secure. Are you a cyber security professional with expertise in the areas of vulnerability and penetration testing, cyber incident response and investigations? Do you have experience understanding global security threats to ensure we are protecting our information systems? Working with the director, enterprise information security (IS), you will have an exciting opportunity to join our enterprise information security group.

  • Review and approve IS requirements for all new initiatives and projects
  • Assess all information technology (IT) related projects and initiatives for security vulnerabilities and risks by scoping, preparing, and conducting tests (both vulnerability as well as penetration)
  • Demonstrate the likelihood of data compromise via 'proof of concept exploitation'
  • Act as a technical advisor to project teams for remediating and mitigating security risks
  • Respond to confidential and sensitive cyber incidents to contain and recover critical business functions and data
  • Remain current on newly evolving threats to information systems, and find opportunities to reduce risks posed by these new threats
  • Manage and monitor third party security feeds, forums, and mailing lists to capture information on vulnerabilities and exploits, and produce actionable intelligence reports

Required Qualifications

  • Five or more years of technical experience in IS, specifically vulnerability assessments, penetration testing, ethical hacking, and incident response
  • Experience with using penetration testing tools (e.g. NMap, Nessus, Metasploit, WireShark, Kismet, BurpSuite, Nikto, Tcpdump, Qualys)
  • College or university level diploma is preferred in science, technology, engineering or math
  • High School Diploma or General Education Diploma (GED)
  • A professional designation or certification in IS (CISA, CISSP, CISM, CPA, ENCE, GIAC) is an asset

  • Proficiency and experience with using penetration testing tools (e.g. NMap, Nessus, Metasploit, WireShark, Kismet, BurpSuite, Nikto, Tcpdump, Qualys)
  • Knowledge in security protection solutions, including firewall, intrusion detection/protection systems, web application firewalls, anti-virus, and security monitoring solutions is preferred
  • Advanced expertise in power shell, sql, and python scripting
  • Complex problem solving and analytical skills required to build, develop and explore testing strategies to identify security vulnerabilities and root causes
  • You have strong social skills and well-developed interpersonal skills and can effectively collaborate with people at all levels of an organization
  • You are willing to gain a working knowledge of all areas of an organization and the ability to develop a keen understanding of the primary IS security risks as well as determine if there are continuous improvement opportunities

Preferred Qualifications


Company Description


Additional Information

  • Job ID
  • Post Date
    Jun 30, 2018
  • Employee Type
  • Relocation Eligible
Do NOT follow this link or you will be banned from the site!

People You May Know