Penetration Tester

20 - Professional Services & PMO · Toronto, Ontario
Department 20 - Professional Services & PMO
Employment Type Full-Time
Minimum Experience Mid-level

About the Role:

We are looking for dedicated, hard-working, and successful members to add to our team as we continue to expand. You will be joining an exciting and rapidly growing company. This outstanding position offers a chance to work in one of the highest demand fields, Cybersecurity, a defined career path, and excellent employee benefits. 

At ISA, we help protect our clients’ most sensitive and valuable data by performing comprehensive and real-world scenario testing. The consultant will have the opportunity to face a new client environment daily or monthly and will have to assess them accurately with hands-on testing and complex problem-solving. You are expected to have a deep understanding of information security and computer science from a red team point of view and must be able to identify/exploit misconfigurations in network infrastructure.  

About Us: 

ISA is a cybersecurity-focused technology firm, with 30 years of experience helping organizations of all sizes solve complex challenges relating to IT security.  We act as trusted advisors in providing services to help our clients define, implement and manage their strategies to minimize IT security related risk, and to provide a secure business environment for their employees and customers. We also deliver state-of-the-art cybersecurity solutions thanks to strong partnerships with the industry’s leading Technology Vendors.

Why Join Us? At ISA, every employee makes a P.A.C.T. to Embody Our Corporate Core Values, everyday.  Our core values (Passion for Excellence, Accountability, Commitment, Trust) shape the community and culture we have built and are an active part of everything that we do. We also believe that what will make you great is your individual contributions to your team; think of your team as a start-up that learn from each other. If you’re looking for autonomy and no old-fashioned hierarchy, ISA and you could be a match made in heaven. 

Reporting Relationship:

There are no positions that report to the Penetration Tester role.


  • Perform penetration tests on various environments, including internal & external networks, web applications, APIs, mobile, source code review, and cloud infrastructure penetration testing. 
  • Develop and maintain a multi-year schedule for penetration testing activities 
  • Design, perform and report on penetration testing of systems to satisfy the NIST 800-53 CA-8 security control and using methodologies that may include NIST SP 800-115, Penetration Testing Execution Standard (PTES), and Information Systems Security Assessment Framework (ISSAF) and Open Web Application Security Project (OWASP) 
  • Stay abreast of current attack vectors and unique methods for the exploitation of computer networks 
  • Follow the latest penetration techniques and share them with the team.   
  • Provide detailed reports with evidence of findings, risk analysis, advice, and remediation instructions. 
  • Communicate findings effectively to client stakeholders, including technical staff 
  • Safely utilize attacker tools, tactics, and procedures  
  • Help to improve ISA’s Malware development department by creating or modifying malware using the following programming languages (C, C++, and C#)


  • Basic Knowledge of supporting, implementing, and maintaining IT Security solutions, with an emphasis on network-based technologies 
  • Intermedium networking skills 
  • Minimum one (1) to three (3) years of professional experience conducting Vulnerability analysis and Penetration Testing assessments such as; Internal & External Networks, Web applications, APIs, Mobile, and Source Code reviews. 
  • Penetration testing Knowledge in Cloud infrastructure is a plus. 
  • Strong knowledge of ethical hacking principles and techniques 
  • Understanding of Vulnerability Assessment methodologies  
  • Ability to communicate risk effectively 
  • Experience conducting Security Assessment exercises, including SANS Top 20 Audits 
  • OSCP and/or PNTP are highly desirable, as are GPEN, EJPT, and eWPT or similar certifications. 
  • Multi-tasking ability 
  • Self-motivated 
  • Proficient knowledge of the following programming languages C, C++, C#, and Python.
  • Travel between 5% – 10% of the time if required.
  • Remote position; however, the candidate must be located in Canada.


ISA Cybersecurity is committed to providing accommodations for applicants with disabilities. If you require specific accommodation because of a disability or medical need, please inform ISAs Human Resources team ( so arrangements can be made for appropriate accommodation to be in place during the recruitment process. 

Thank You

Your application was submitted successfully.

  • Location
    Toronto, Ontario
  • Department
    20 - Professional Services & PMO
  • Employment Type
  • Minimum Experience