Consultant - Attack & Penetration | Remote, Canada

This position will be fully remote and can be hired in any Canadian province

An Attack & Penetration Consultant is a highly skilled penetration tester capable of performing complex assessments while maintaining a business focus and meeting client requirements. This position will work both independently and as part of a team to perform Security Assessments including: vulnerability assessments, penetration tests, wireless security assessments and social engineering. A Security Consultant also contributes to the development and continuous improvement of the Security Assessment practice through various team and industry contributions.

How you'll make an impact

• Ability to combine multiple separate findings to execute complex attacks.
• Ability to manually validate vulnerabilities identified during assessments.
• Ability to identify, describe and report vulnerabilities and standard remediation activities, to include clear demonstration of risk to clients through post-exploitation activities required.
• Mastery of commercial and open-source security tools required (Nessus, Nexpose, SAINT, Qualys, Burp, Nmap, Kali, Metasploit, Meterpreter, Wireshark, Kismet, Aircrack-ng etc.).
• Familiarity with many different network architectures, network services, system types, network devices, development platforms and software suites required (Linux, Windows, Cisco, Oracle, Active Directory, JBoss, .NET, etc.) required.
• Familiarity with command and control (C2) frameworks, such as Cobalt Strike, Mythic, Covenant, etc.
• Passion for creating tools and automation to make common tasks more efficient preferred.
• Knowledge of programming and scripting for development of security tools preferred.
• Demonstrated ability to create comprehensive assessment reports required.
• Must be able to work well with customers and self-manage through difficult situations, focus on client satisfaction.
• Ability to convey complex technical security concepts to technical and non-technical audiences including executives required.
• Ability to work both independently as well as on teams required.
• Willingness to collaborate and share knowledge with team members required.
• Proven ability to review and revise reports written by peers required.
• Demonstrated effective time management skills, ability to balance multiple projects simultaneously and the ability to take on large and complex projects with little or no supervision required.

• Prior experience performing Vulnerability Assessments, Penetration Tests, Wireless Security Assessments and or Social Engineering to enterprise-level organizations.
• Ability to travel 25-40% of the time to client sites.
• OSCP, OSEP, OSWE certifications strongly preferred
• Bachelor's Degree from a four-year college or university in Information Assurance, Computer Science, Management Information Systems, or related area of study; or related experience and/or training; or equivalent combination of education and experience strongly preferred.
• #LI-NA1

• A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
• Work/life balance
• Professional training resources
• Creative problem-solving and the ability to tackle unique, complex projects
• Volunteer Opportunities. "Optiv Chips In" encourages employees to volunteer and engage with their teams and communities.
• The ability and technology necessary to productively work remotely/from home (where applicable)