Eagle is currently seeking a Penetration Tester. This is a one (1) month, contract position scheduled to start in June.
The successful candidate will be responsible for:
- The Penetration Tester is to contact Cybersecurity and Risk Management to confirm targets. In addition, the source of the testing, timing, and approach is required to be identified prior to conducting the test.
- The resource must produce a timesheet describing work completed during the week to the department procuring the Penetration Tester;
- The resource may be requested to attend meetings to discuss Penetration Testing results to the departmental business owner and members of CSRM;
- Any risk identified and evaluated by the Penetration Tester as high or critical must be communicated as soon as possible to both the PNS department and CSRM against either the subject of the penetration test or an associated PNS service relied upon to deliver the service;
- It is strongly recommended that industry-standard best practice tools and methodologies (including the source of the best practice recommendation) are leveraged when mitigating any Penetration Test risk remediation;
- Upon request, the resource will prepare and deliver a technical presentation of the findings to the departmental service owner/project sponsor and/or ICTS. Special Conditions;
- All information collected, materials gathered, reports and the deliverable produced shall be the sole property of the Province of Nova Scotia. The resource shall not publish, or in any way use the information, materials gathered, and reports produced, without the prior written consent of PNS;
- Deliverables must be performed to the satisfaction of CSRM. All deliverables will be reviewed to ensure industry best practices have been are utilized. All Penetration test deliverables are the property of the Department procuring 7 Penetration Testing service;
- All toolkit(s) installed during the process of the Penetration test shall be removed from the systems, including but not limited to all files, binaries, scripts, backdoors, malware etc;
- No government data shall be copied from the PNS system(s) unless prior written authorization is granted, and;
- All final report should be delivered as pdf’s.
Skills and Qualifications
The qualified candidate must have:
- Experience in conducting Penetration Testing for complex systems with N-Tier Architectures;
- Conducted 2 or more Penetration tests within a 1 year period;
- Holds one or more of the following certifications: OSCP, OSCE, CEH, and GPEN;
- Indicate other relevant penetration testing certifications, if applicable;
- Experience with the Government of Canada;
- Experience with a major Canadian municipal government, and;
- Experience within the Government of Nova Scotia or another Canadian province or territory, including departments, agencies, or crown corporations (Specify which organization and GNS hiring manager if applicable).
Don’t miss out on this opportunity, apply online today!
Eagle is an equal opportunity employer and will provide accommodations during the recruitment process upon request. We thank all applicants for their interest; however, only candidates under consideration will be contacted. Please note that your application does not signify the beginning of employment with Eagle and that employment with Eagle will only commence when placed on an assignment as a temporary employee of Eagle.