Our team and what we'll accomplish together:
We are a dedicated cybersecurity professional services team that collaborates with TELUS customers to assess their security posture. Our primary focus is on assessing vulnerabilities, and providing actionable recommendations to improve overall security. Our Penetration Testing team plays a pivotal role in simulating real-world attacks, helping our clients bolster their defense mechanisms.
What you'll do:
As a manager of a Penetration Testing Team in our Offensive Security Practice, you will be instrumental in managing and growing our Penetration Testing Practice. Reporting to the Director of Cybersecurity Professional Services, your responsibilities will include:
Overseeing and coordinating penetration testing projects, ensuring the delivery of high-quality results and client satisfaction Developing and maintaining robust methodologies, tools, and best practices for penetration testing Leading and mentoring a team of skilled penetration testers, supporting their professional and technical growth Collaborating with sales teams to scope projects, develop proposals, and offer technical expertise during the pre-sales process Engaging with clients to understand their security needs and objectives, tailoring services to meet those needs Reviewing and approving detailed penetration testing reports, ensuring they provide clear, actionable insights Staying updated with the latest cybersecurity threats, vulnerabilities, and attack techniques Developing and implementing strategies to expand the penetration testing practice and its service offerings Ensuring all penetration testing activities comply with legal and ethical standards Participating in business development activities, including industry leadership events and conferences Managing resource allocation, budgeting, and financial aspects of the penetration testing practice Collaborating with other cybersecurity teams to integrate findings into broader security strategies Establishing and maintaining relationships with key stakeholders, including clients, partners, and internal teams
What you bring:
7+ years of experience in penetration testing or ethical hacking roles 3+ years of experience in a leadership or management position within a cybersecurity context Bachelor's degree in Computer Science, Information Security, or a related field; an advanced degree is preferred Proficiency in penetration testing methodologies, tools, and techniques across various platforms (web, mobile, network, cloud) Strong understanding of information security principles, risk management, and compliance frameworks Excellent project management skills with the ability to manage multiple complex projects simultaneously Proven ability to build and lead high-performing technical teams Strong communication skills, capable of explaining technical concepts to both technical and non-technical audiences Experience in client relationship management and business development in a professional services environment Familiarity with relevant security standards and regulations (e.g., OWASP, NIST, ISO 27001, PCI DSS) Hands-on experience with penetration testing tools (e.g., Metasploit, Burp Suite, Nmap) and scripting languages (e.g., Python, Bash) A creative approach to problem-solving, thinking from an attacker's perspective Strong ethical standards and a deep understanding of the legal implications of penetration testing Current or the ability to achieve Secret Level II clearance required
Great-to-haves:
Relevant certifications such as OSCP, GPEN, CEH, or CREST Experience with red teaming and advanced persistent threat (APT) simulations Knowledge of secure software development practices and application security Familiarity with cloud security and experience testing cloud environments (AWS, Azure, GCP) Experience with IoT and industrial control system (ICS) security testing Bilingual (English and French) Contributions to the cybersecurity community through published research or other means
Advanced knowledge of English is required, because you will, most of the time, interact in English with external parties (clients, suppliers, candidates, external partners, etc.), interact in English with internal parties (colleagues, internal partners, stakeholders, etc.), as part of this position's main responsibilities, given its national scope.