To have a better experience, you need to:

Go to your browser's settings
Enable JavaScript

Apply By: Monday, July 7, 2025 11:59 pm EDT

Senior Cyber Security Specialist (Penetration Tester)

Job ID:

230395

Posting status:

Open

Organization:

Ministry of Public and Business Service Delivery and Procurement

Division:

GovTechON - Cyber Security Division

City:

Toronto

Position(s) language:

English

Job term:

1 Temporary - up to 12 months (with possibility of extension)

Job code:

6A003 - InformationTechnology06

Salary:

$82,217.00 - $121,155.00 Per year

Apply now

Accessibility support

Help defend Ontario's digital landscape!

Join a team dedicated to safeguarding the Ontario government, public services, and citizens against evolving cyber threats. As a Senior Cyber Security Specialist, you will apply your expertise in red teaming, penetration testing, and vulnerability assessments in a high-profile environment that values precision and innovation. With a balance of technical expertise and strategic thinking, you'll play a key role in strengthening cyber defences while working alongside a highly skilled group of professionals within the Cyber Security Division.

About the job

As part of our team, you will:

• run and assist with red team exercises, penetration tests, web application and network vulnerability assessments for environments and applications within the OPS province-wide I&IT infrastructure and information resources.
• prepare formal assessment reports, briefing notes, memos, and summaries for senior management.
• provide technical expertise, training, and advisory services on vulnerability management and information systems security.
• foster collaboration by developing and maintaining consultative processes with division colleagues to strengthen cybersecurity practices.

What you bring to the team

Cyber security expertise

You have:
• experience identifying, analyzing, and exploiting common web application vulnerabilities using both manual techniques and automated enterprise tools.
• experience in reading and writing exploit code in several different programming languages.
• expertise in vulnerability assessment methodologies, tools, and techniques for conducting network vulnerability assessments and penetration testing.
• proven ability to lead vulnerability assessments in large, diverse environments.
• knowledge of common attacks, web application vulnerabilities, exploits, and best practices for remediation.
• knowledge of IT security methodologies, tools, techniques, security design and architecture, threat/risk concepts and practices, and encryption technologies.
• the ability to acquire knowledge of, and interpret corporate I&IT security strategy, programs, the government's trust model, and privacy legislation.

Technical expertise

You can:
• work with a variety of operating systems, programming and scripting languages, platforms, and both common and obscure network services and protocols.
• stay informed on emerging I&IT trends, best practices, and developments in common attacks, web application vulnerabilities, exploits, and remediation strategies.

Analytical and problem-solving skills

You can:
• develop innovative solutions when existing guidelines or policies do not fully address new and emerging I&IT trends.
• conceptualize, interpret, and evaluate security exposures across multiple domains.

Communication and relationship-building skills

You can:
• effectively engage in discussions, negotiations, and advisory interactions through clear communication.
• write reports tailored for both the executive/non-technical management and technical analyst audiences.
• provide training on the use of commercial security assessment tools and scanners.
• build and maintain working relationships with internal and external stakeholders.

Leadership and project management skills

You can:
• provide leadership, advice, and strategic direction on business risk planning and coordination.
• apply project management methodologies to lead, plan, and oversee multiple concurrent projects.

Don't meet every qualification?

If you are excited about this position and meet most, but not all, of the listed qualifications, please still consider applying. We recognize that no one person might have every qualification in this job ad, and you just might be the right candidate!

How we support diversity, inclusion and accessibility

We are building an inclusive workforce that reflects the communities we serve. We encourage everyone interested in working with us to apply, including people with disabilities, Indigenous, Black and racialized individuals, as well as people from all ethnicities, cultures, sexual orientations, gender identities and gender expressions.

Our hiring process is accessible, consistent with Ontario's Human Rights Code and the Accessibility for Ontarians with Disabilities Act, 2005. We are working to prevent and remove barriers in our hiring processes and can offer accommodation to address specific needs related to Code-protected grounds such as disability, family status and religion. For more information about accommodation during the hiring process please contact us.

Learn more about the work the OPS is doing to create an inclusive, anti-racist, accessible and diverse workplace:

What we offer

We are a small, innovative, and tight-knit team of cybersecurity professionals who are passionate about protecting critical systems and data across the Ontario Public Service (OPS). We specialize in offensive security, including penetration testing and red teaming, and provide expert advice to help ensure the integrity, confidentiality, and availability of government systems. You'll work with a wide range of clients and systems across the OPS, gaining insight into the breadth of programs and services that serve Ontarians every day.

The Ontario Public Service is one of Ontario's largest employers. Employees work for a wide range of ministries, with offices in more than 70 cities across the province. We offer:

• a career that can grow across ministries and job functions
• flexible learning and developmental opportunities, including education and mentorship programs
• a comprehensive compensation and benefits package
• base salary that aligns to market trends with performance-based pay and scheduled salary progression
• tailored work arrangements, including opportunities like flex hours, self-funded leave and more
• a modern, friendly and accessible physical work environment

Additional information:

Apply by:

Monday, July 7, 2025 11:59 pm EDT

Position details:

1 English Temporary, duration up to 12 months, 222 Jarvis St, Toronto, Toronto Region, Criminal Record and Judicial Matters Check (Fingerprint Based), Credit History Check, Driver's License History, Intelligence, Local Police Databases Search, Ontario Provincial Police Investigation/Background Interview, PIP/NICHE/RMS, Social Networking Search

Compensation group:

Association of Management, Administrative and Professional Crown Employees of Ontario

Work hours:

Schedule 6

Category:

Information Technology

Posted on:

Friday, June 20, 2025

Note:

About security checks:
A criminal or other federal offence record does not automatically disqualify you from the position. We consider each situation based on the position's responsibilities.
If a check is needed and you've lived outside of Canada in the past 5 years for 6 or more months in a row, or if you are not a Canadian resident, you'll need to provide an out-of-country police clearance certificate from the country you lived in.
Employment screening checks are only reviewed and evaluated by the Transition and Security Office, which also maintains them and keeps them strictly confidential.
The information that you provide for the purpose of this competition and the results from this competition may be used to fill other positions. These positions may be of various tenures including short-term assignments. Your information and the results from this competition will be retained for the purpose of filling vacancies in accordance with the applicable collective agreement or policy provisions.
W-MG-230395/25

How to apply:

You must apply online.
Your cover letter and resume combined should not exceed five (5) pages. For tips and tools on how to write a concise cover letter and resume, review the Writing a Cover Letter and Resume: Tips, Tools and Resources.
Customize your cover letter and resume to the qualifications listed on the job ad. Using concrete examples, you must show how you demonstrated the requirements for this job. We rely on the information you provide to us.
Read the job description to make sure you understand this job.
OPS employees are required to quote their WIN EMPLOYEE ID number when applying.
If you require a disability related accommodation in order to participate in the recruitment process, please Contact Us to provide your contact information. Recruitment services team will contact you within 48 hours.

Language requirements and assessment:
All external Ontario Public Service (OPS) job ads are posted in English and French. Check the "position(s) language" section at the top of each job ad for the language requirements. For all roles, candidates are assessed in English, the business language of the OPS. If the position is bilingual (English/French), you'll also need to pass a French-language proficiency test.

Exigences en matière de langue et évaluation:
Toutes les offres d'emploi externes de la fonction publique de l'Ontario (FPO) sont affichées en français et en anglais. Consultez la section « Langue du ou des postes » en haut de chaque offre d'emploi pour connaître les exigences linguistiques. Pour tous les postes, les candidats sont évalués en anglais, la langue d'affaires de la FPO. Si le poste est bilingue (anglais/français), vous devrez également passer un test de compétences linguistiques en français.

Strengthening Ontario, together