Senior Security Consultant - Penetration Testing

  • Toronto, ON, Canada
  • Employees can work remotely
  • Full-time

Company Description

As one of the largest independent technology companies in Atlantic Canada, Mariner has a team of over 200 IT and software professionals working with clients both regionally and across the globe. With extensive capabilities in the areas of analytics, automation software, information security and IT consulting, Mariner has been delivering innovative solutions with a strong emphasis on productivity and customer experience since 2003.

Job Description

Mariner Security Solutions is seeking a Penetration/Vulnerability Tester consultant to help develop our high growth Security practice in Atlantic Canada and beyond.

  • Conduct security testing in the form of vulnerability and penetration testing
  • Conduct security reviews of network infrastructure 
  • Conduct security reviews of web application designs
  • Conduct security reviews of planned workflows
  • Conduct authenticated and non-authenticated testing
  • Conduct white-box, grey box and black box testing
  • Contribute to evolution of Mariner Risk Management testing methodology
  • Act as SME for review of and working with third party vulnerability and penetration tests/testers
  • Create, assess, update and execute testing plans
  • Create test reports and provide suggested findings remediations
  • Interface directly with clients


  • 5+ years working in information security or IT security
  • 2+ years security testing experience is required
  • Excellent customer communications skills
  • Desired Certifications: CEH, GIAC Pen Tester, OSCP, OSCE, etc., or equivalents and combined experience 
  • Knowledge of network and database architecture
  • Knowledge of Linux/Windows/ Unix operating systems
  • Knowledge of common vulnerabilities in web hosts/apps (e.g., SQL injection, XSS, etc.)
  • Knowledge of common security standards and frameworks such as ISO27001, NIST, etc.
  • Knowledge of common open source and commercial testing tools such as Nessus, Acutnetix, Burp Suite, Metasploit, NMap, etc.)
  • Knowledge of network security architecture (firewalls, DMZ's, routing, DNS, DHCP, WAP, etc.) desired