Senior Penetration Tester

New Value Solutions, a national IT consulting company, is seeking a Senior Penetration Tester to perform hands-on penetration testing activities as part of a large-scale public-sector cybersecurity engagement in a highly regulated justice environment. The successful candidate will work under the direction of the Red Team Leader and will identify, exploit, validate, and document security vulnerabilities across complex enterprise IT environments. This role will be remote within Canada, with limited onsite work as required.

Responsibilities

• Execute hands-on penetration testing activities under the direction of the Red Team Leader.
• Conduct technical testing across external and internal network infrastructure, web applications, cloud environments, and related systems.
• Perform social engineering assessments and support physical security testing as defined in scope.
• Utilize industry-standard penetration testing tools and methodologies to identify and exploit vulnerabilities.
• Accurately document vulnerabilities, exploitation paths, evidence, and risk ratings.
• Support preparation of penetration testing reports, presentations, and technical briefings.
• Contribute to the development of specifications, approach documents, and statements of work for penetration testing engagements.
• Provide clear and actionable technical remediation recommendations.
• Follow all rules of engagement, security policies, and legal requirements.
• Maintain strict confidentiality throughout all testing activities.

Requirements

• Minimum 6 years of experience on penetration testing projects of similar scope and complexity within the last 10 years.
• Minimum 5 years of direct, hands-on penetration testing experience, including conducting assessments, exploiting vulnerabilities, and documenting findings.
• Demonstrated hands-on capability across external/internal network infrastructure, web applications, cloud environments, and related systems.
• Strong experience with industry-standard penetration testing tools and methodologies.
• Strong technical documentation, reporting, and briefing skills.
• Experience developing or contributing to testing approaches, specifications, or statements of work is an asset.
• Experience in public-sector or other highly regulated environments is preferred. Justice/courts experience is an asset.
• Must be legally able to work in Canada.
• Must be able and willing to complete required Criminal Record Check and Enhanced Security Check processes within client timelines.
• OSCP, GPEN, or equivalent industry-recognized penetration testing certification is required.

If you have this expertise, and are able to work in Canada, please submit your resume. While we thank all candidates in advance for their application, only those candidates who are shortlisted will be contacted.

ID#5342

Questions:

• How many years of experience do you have with hands‑on penetration testing?
• Which environments have you tested (network, web, cloud)?
• What penetration testing tools and methodologies do you use most frequently?
• Are you eligible for Enhanced Security Clearance in Canada?
• Do you currently hold OSCP, GPEN, or equivalent certification?