Senior Cyber Security Specialist

We are seeking an experienced Senior Cyber Security Specialist to support offensive security activities across enterprise systems, web applications, APIs, and cloud environments. In this role, you will plan and execute penetration tests, red team exercises, and targeted security assessments, working closely with infrastructure, engineering, platform, and DevSecOps teams to identify vulnerabilities and reduce attack surface. Key responsibilities include conducting static and dynamic application security testing, performing secure code review, validating and prioritizing findings, and recommending practical remediation measures. You will assess web and mobile applications for security issues such as insecure APIs, injection flaws, and misconfigurations, and help integrate security controls into CI/CD and related workflows. The role also involves managing the full lifecycle of security engagements, from scoping through reporting, while maintaining clear documentation, standards, and templates. Requirements include at least 5 years of hands-on experience in offensive security, penetration testing, or red teaming; strong knowledge of application security principles and manual testing methods; and experience with common penetration testing tools. Familiarity with Unix and Windows administration, SAST/DAST, secure code review, and vulnerability analysis is also required. Experience with cloud security, scripting, and secure SDLC practices is preferred. Relevant offensive security certifications are an asset. This is a full-time opportunity and may be based in one of several major Canadian office locations.