Pentester
Headquartered in Canada with locations around the globe, Bulletproof has decades of technology, security, and compliance expertise.
Bulletproof’s work in the security space has been recognized nationally and globally with Microsoft’s global Security Partner of the Year in 2021 and five Microsoft Canada Impact Award wins from 2019 to present-day.
What the Role Does
As a pentester, you will conduct security assessments by probing for and exploiting security vulnerabilities in web-based applications, networks and systems and finding ways to ensure that any risk to our client is mitigated.
Duties and Responsibilities include:
Conducts security assessments
Defines the scope for security testing assignments
Creates quality assurance security test reports and other documentation as needed
Develops appropriate remediation plans
Provides technical support as a subject matter expert in the sale of security testing assignments on an as-needed basis
Provides direction on malware, attack vectors and methods to protect against threats
Stays up-to-date on current tools, technologies and vulnerabilities to incorporate into testing practices
Requirements:
Degree in Computer Science, Information Systems, Engineering or related major from an accredited University or College Diploma equivalent
Experience performing vulnerability assessments and/or penetration tests would be preferred
Application and/or infrastructure penetration testing experience above and beyond running automated tools
A good understanding of Linux, Windows and network security skills
Excellent written and oral communication skills in English
Ability to meet deadlines and deliver a high-quality product (reports)
Strong attention to detail
Ability to work both independently and in a team environment.
Familiar with:
Nessus
Metasploit
Burp Suite
Kali
Nmap
Fortify
Certifications – One or more of the following certifications are considered an asset:
EC-Council CEH, LPT
GIAC CPEN
OSCP
Any other recognized penetration testing certification/accreditation
The following skills are preferred but not required:
PCI ASV
Experience developing custom scripts or tools used for vulnerability scanning and identification
Support team technical development (e.g. through service development or research) and contribute to company technical processes overall
Development and/or source code review experience in C/C++, C#, VB.NET, ASP, PHP, or Java and/or Fortify, Veracode, Brakeman and/or IDA Pro
Experience with phishing and social engineering techniques.
Experience with mobile application testing tools such as Android Debug Bridge (ADB), OWASP ZAP, Drozer, Mobile Security Framework (MobSF), Smartphone Pentest Framework (SPF), Burp Suite, Android SDK, Frida, Cydia and/or IDB
We offer:
Full time, permanent contract. 40k-50k depending on skills and background, based in Bologna. Smart Working is possible after probation.
ISS Auditor
Headquartered in Canada with offices around the world, Bulletproof has decades of experience in IT, security, and compliance.
Bulletproof is a Microsoft Solutions Provider, a FOUR-PEAT Microsoft Canada Workplace Impact Award winner, and crowned the 2021 Microsoft Global Security Partner of the Year. Bulletproof is a member of the Microsoft Intelligent Security Association.
We are growing. We have 20+ years in the market, and our mandate to expand our capacity and market reach is aggressive. We are building the team to help us achieve those goals, in Canada, and internationally.
This position will focus on:
• Managing and delivering ISMS audit assignments
• Defining the scope for ISMS audit assignments
• Developing and quality assuring security audit reports
• Reviewing documentation and implementation of ISMS controls
• Working as subject matter expert for ISMS audits
Education, Experience and Skills:
• AS/BS Degree in Computer Science, Computer Engineering, Electrical Engineering or equivalent technical discipline. Other degrees which are balanced by relevant technical experience will be evaluated.
• At least two years working experience in ISO 27001/InfoSec external audit at an Accounting/Consulting organization would be highly appreciated.
One or more of the following certifications are required, together with the availability to prepare for further certifications:
• ISACA CISA, CRISC, CISM
• ISO 27001 LA/LI
• PCI QSA
• (ISC)2 CISSP
Your work experience has been:
• Hands-on experience in projects including ISO 27001 compliance (audit/implementation), internal control, business processes review, IT audit, IT general control, cloud computing, IT system implementation is A MUST.
• Fluent English is required.
• Must have sound knowledge of OSI model and network related protocols.
• Must have knowledge of the main Information Security concepts and implementation models for Asset Management, Access Control, SIEM, EDR and other relevant areas.
• Must have clear understanding of Risk Assessment and Change Management.
• Must have experience in implementing/assessing physical and environmental security controls
• Exposure to data analytics and proficiency in analytic software
• Must demonstrate sound report writing skills, presentation and communication skills.
• Must have conflict resolution skills, stress resilience, positive attitude, appetite for team work
• Must be able to travel up to 25% of the time.
We offer:
Full time, permanent contract. 45k-55k depending on skills and background, based in Bologna. Smart Working is possible after probation.