Security Tester, Deloitte Global Cybersecurity

Deloitte - Toronto, ON (4 months ago)

Apply Now

Job Type: Permanent
Primary Location: Toronto, Ontario, Canada
All Available Locations: Toronto

Enjoy flexible, proactive, and practical benefits that foster a culture of well-being and connectedness.
Experience a firm where wellness matters.
Be expected to share your ideas and to make them a reality.

What will your typical day look like?

Are you energized by helping organizations protect their data and build client trust? Do you want to work in one of the world’s largest holistic internal cybersecurity organizations? If you’re interested in proactively preventing, detecting, and responding to cyber attacks across a complex global footprint, then Deloitte Global could be the perfect place for you. We’re looking for an analytical thinker passionate about cybersecurity to join our team.

As part of the Global Cybersecurity team, responsibilities will be to work with customers to deliver technical assessments against a broad range of services, illustrative duties will include:

Assisting in technical scoping of security testing activities
Executing security testing
Software/Web Application/Web Services penetration testing
Network Penetration Testing
Mobile Application Penetration Testing
Thick Client Penetration Testing
Conducting focused research when not deployed on an active project
Provide consultative guidance to customers on findings identified in a clear and actionable fashion both in writing and verbally
Enhancing and updating testing methodologies, processes and standards documentation
Maintaining proficiency of knowledge through ongoing training paths
Architecture Security Analysis and Threat Modeling as required
Open source intelligence analysis and assessment
Communications on how to effectively engage services and what capabilities are available
Escalation of issues experienced to the Regional Manager

This Deloitte Global role requires limited to no travel.

About the team

Deloitte Global Culture:
At Deloitte, we expect results. Incredible—tangible—results. And Deloitte Global professionals play a unique role in delivering those results. We reach across disciplines and borders to serve our global organization. We are the engine of Deloitte. We develop and lead global strategies and provide programs and services that unite our network. In Deloitte Global, everyone has an opportunity to lead. We see the importance of your perspective and your ability to create value. We want you to fit in—with an inclusive culture, focus on work-life fit and well-being, and a supportive, connected environment; but we also want you to stand out—with opportunities to have a strategic impact, innovate, and take the risks necessary to make your mark. Deloitte Global supports our talented professionals in answering the question: What impact will you make?

In Global Technology Services, we make an impact by providing leading edge technology products and support to the entire Deloitte organization. We offer innovative technology solutions that cross borders and help Deloitte deliver and connect with their clients, their communities, and one another in ways they never thought possible.

Enough about us, let’s talk about you

You are someone with:
Developed experience with web application penetration testing
Familiarity with software security weakness and vulnerabilities
Experience in network penetration testing
Working knowledge of one scripting language
Experience in reverse engineering is a plus
Familiarity with at least one software programming language and framework is a plus
Demonstrated experience working with diverse stakeholders, preferably on a global multi-national basis
Ability to manage concurrent initiatives and use effective judgment in prioritization and time management
Strong written and verbal communication skill
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM) or Certified Information Systems Auditor (CISA)
Certified Ethical Hacker (CEH)
Offensive Certified Security Professional (OSCP)
GIAC Security Essentials (GSEC)

Knowledge or awareness of the following:
Reverse Engineering
Source code reviews
Cloud Service testing
ISO 27000 series such as 27001, 27002, 27032, 27035
NIST SP 800 series
SANS Institute - CIS Critical Security Controls
Standard of Good Practice for Information Security
Incident management and response
Vulnerability management

Why Deloitte?

Launch your career with The One Firm where you can make an impact that matters in a way that you never thought possible. With endless opportunities at every turn, and a culture built to support and develop our people to be the very best they can be, Deloitte is The One Firm for you to learn, grow, create, connect, and lead. We do this by making three commitments to you:

You will lead at every level: We grow the world’s best leaders so you can achieve the impact you seek, faster.
You can work your way: We give you the means to be flexible in how you need and want to work, and we have innovative spaces, arrangements and the mindset to help you be wildly successful.
You will feel included and inspired: We create a deep sense of belonging where you can bring your whole self to work.

The next step is yours

Sound like The One Firm. For You?

At Deloitte we are all about doing business inclusively – that starts with having diverse colleagues of all abilities! We encourage you to connect with us at if you require an accommodation in the recruitment process, or need this job posting in an alternative format. We’d love to hear from you!

By applying to this job you will be assessed against the Deloitte Global Talent Standards. We’ve designed these standards to provide our clients with a consistent and exceptional Deloitte experience globally.