Intermediate Pentester

Software Secured is a leading Penetration Testing as a Service company, with a head office in beautiful Ottawa, Canada. We help software development teams get ahead of hackers using a suite of services and products.

Our team of pentesters is looking for an intermediate pentester to join the team and help us secure a few hundred more applications.

As an Intermediate Pentester at Software Secured, you will have the opportunity to help our clients secure their mission-critical applications. This includes performing security code review, web, mobile, and network security tests. Help clients with security design reviews, threat modeling, and remediation strategies.

The ideal candidate would be passionate about application security, identifying security bugs in target systems, and working with development teams to help mitigate them.

What you get:

• Remote position based out of Canada (Employees close to a physical office can choose a hybrid approach).
• Work from anywhere in the world for up to two months of the year
• You will receive a competitive salary plus a yearly profit-sharing bonus (5 - 12% of the base salary).
• You will be provided with perks such as monthly UberEats credits and an annual WFH stipend
• You will receive a great health benefits package.
• You will receive free access to an audible account.
• You will receive a minimum of 3 weeks' vacation.
• We take Christmas to New Year off as additional employee vacation.
• You will receive time and a budget for training and self-development.
• Work closely with our clients to help them with security. architecture, secure SDLC, and threat modeling.
• Participate in delivering our training courses to software developers.
• 10% of your time goes to research projects and self-development.

What we are looking for:

• Share our core values (please see below).
• At least 2 years of performing application, mobile, or desktop penetration testing.
• A software development background in one or more of Python, .NET, Ruby or Java.
• Bonus points for an OSCP or GWAPT.
• Expert with OWASP Top 10 and can explain them easily.
• Strong verbal and written communication skills.
• Strong analytical and quantitative skills.
• This job is available to Canadian citizens, permanent residency, or work visa holders.

Nice to have:

• Open-source contributions
• Public speaking experience
• Performing training in a professional capacity
• Teaching experience, preferably security or CS topics
• You have done CTFs (Capture The Flag) in a competitive manner.

What we care about

• Keeping it Secure: Software Secured’s mission and values are a part of everything we do. We care about how our clients can do what they do without having to worry about hackers disrupting their work.
• Curiosity and humility: We are dedicated to learning and constantly improving. We hire the best of the best, humility is the key to remaining the best.
• Own it: our engineers work hard to improve the state of web application security. To get there, we need to own every project, every assessment, every challenge, and every line of code.
• Dive Deep: hard problems require diving deep to understand the real cause of the problem, we are not afraid of diving deep to come up with the best solutions.
• Bold: we take huge risks so our clients can minimize theirs, taking risks is part of what we do daily so we ensure the highest impact of our solutions.