We are looking for a talented individual at the Consultant/Senior Consultant level to join BDO’s Cybersecurity practice, with the ability to work remotely from anywhere in Canada. The successful individual will be driven and results oriented, with a strong focus on Offensive Security. This individual will support the Penetration Testing, Vulnerability Assessment and Red Teaming service line by executing client engagements, as well as conducting research and development of tools and techniques, among others.
As a Consultant or Senior Consultant in Cybersecurity, your responsibilities will include:
- Perform network penetration testing, web application testing, source code reviews and threat analysis, as applicable, utilizing standard security tools, e.g., Burp Suite, Metasploit, sqlmap, Nmap, Nessus, Qualys, Nexpose, SoapUI, etc.
- Perform social engineering / phishing activities such as reconnaissance of targets, developing phishing campaigns (e.g., emails and websites), web hosting administration, developing malicious phishing payloads, or pivoting through phished systems
- Identify network and application-specific vulnerabilities in target systems and recommend defensive measures to defend against possible attack by an adversary
- Demonstrate an understanding of Windows and Linux operating system setup, management, and power usage, e.g., cmd, bash, network troubleshooting, virtual machines
- Participate in the modeling and execution of Red Teaming scenarios for organizations across Canada
- Develop scripts and tools enhancing the security practice at BDO, and author relevant documentation
- Develop comprehensive and accurate reports and presentations for both technical and executive audiences
- Demonstrate an understanding of the client environment and overall project scope
- Organize and deliver services on a cross-section of complex projects
- Actively participate in the development of business and vendor relationships
- Participate in and lead aspects of the proposal development process
- Manage day-to-day interactions with clients and the internal BDO team
- Display both breadth and depth of knowledge regarding functional and technical issues
- Proactively seek guidance, clarification, and feedback
- Keep leadership informed of progress and issues; and
- Sustain a high level of drive, and show enthusiasm and a positive attitude when coping with pressure at work.
How do we define success for your role?
- You demonstrate BDO's core values through all aspects of your work: Integrity, Respect and Collaboration
- You understand your client’s industry, challenges, and opportunities; clients describe you as positive, professional, and delivering high quality work
- You identify, recommend, and are focused on effective service delivery to your clients
- You share in an inclusive and engaging work environment that develops, retains & attracts talent
- You actively participate in the adoption of digital tools and strategies to drive an innovative workplace
- You grow your expertise through learning and professional development.
Your experience and education
Preferred:
- Strong knowledge of container technologies such as Docker
- Experience with conducting penetration testing of cloud-based assets
- Strong knowledge of Unix/Linux/Windows operating systems
- Strong knowledge of technical concepts such as application security, network segregation, access controls, IDS/IPS devices, physical security, and information security risk management
- Ability to conduct social engineering engagements through phone, e-mail, messages etc.
- Strong knowledge of Kali Linux
- Strong knowledge of AWS, Azure and Google Cloud
- Sound understanding of traditional security operations, event monitoring, and Security Information and Event Management (SIEM) tools
- Sound understanding of Endpoint Detection and Response techniques and tools such as Carbon Black, Palo Alto Cortex, Checkpoint etc.
- Pre-sales, proposal, and RFP experience
- Past experience working with public sector
- Must be able to obtain and maintain required clearance for this role
One or more of the following:
- Offensive Security Certified Professional (OSCP)
- GIAC Penetration Tester (GPEN)
- GIAC Web Application Penetration Tester (GWAPT)
- GIAC Security Essentials Certification (GSEC)
- CompTIA Pentest+
- Certified Information Security Manager (CISM)
- Certified Information Systems Security Professional (CISSP)
- Offensive Security Certified Expert (OSCE)
- CREST Registered Penetration Tester
- CREST Certified Infrastructure Tester
- Certified Ethical Hacker
Our firm is committed to providing an environment where you can be successful in the following ways: We enable you to engage with the firm's strategic plan, and be a key contributor to the success and growth of the firm. We help you be the best professional you can be in our services, industries and markets. Achieve your personal goals outside of the office and make an impact on your community.
Giving back, it adds up: Where company meets community. BDO is actively involved in our communities by supporting local charity initiatives. We support staff with local and national events where you will be given the opportunity to contribute to your community.
Total rewards that matter: We pay for performance with competitive total cash compensation that recognizes and rewards your contribution. We provide flexible benefits from day one, and a market leading personal time off policy. We are committed to supporting your overall wellness beyond working hours, and provide reimbursement for wellness initiatives that fit your lifestyle.
Everyone counts: We believe every employee should have the opportunity to participate and succeed. Through leadership by our Chief Inclusion and Diversity Officer, we are committed to a workplace culture of respect, inclusion, and diversity. We recognize and celebrate the valuable differences among each of us, including race, religious beliefs, physical or mental disabilities, age, place of origin, marital status, family status, gender or gender identity and sexual orientation.