4 Security Assessment jobs in Canada

Job Description

*This is a remote position, and candidates must be located in Ontario, CA.

NetSPI® is an award-winning pioneer of Penetration Testing as a Service (PTaaS) with its AI-powered platform supported by more than 350 in-house cybersecurity experts. Specializing in 50+ pentest types, attack surface visibility, vulnerability prioritization, and attack simulation, NetSPI delivers security testing with unprecedented clarity, speed, and scale.

NetSPI is on an exciting growth journey as we disrupt and improve the proactive security market. We are looking for individuals with a collaborative, innovative, and customer-first mindset to join our team. Learn more about our award-winning workplace culture and get to know our A-Team at

NetSPI is seeking a Senior Security Consultant who will serve as a resource for delivery of secure code review and web application penetration assessments.  This position requires an understanding of various web technologies, enterprise secure development and risk management. In addition, it requires experience with application security assessments/testing, as well as demonstrated competencies in problem solving, client service, written/verbal communication, and project execution.

Responsibilities:

• Conduct in-depth penetration testing and secure code review assessments on web applications
• Dynamically exploit vulnerabilities found in codebase and correlate insecure coding practices into dynamic application vulnerabilities
• Deliver secure code review assessment on programming languages such as Java, C#, Python, C/C++, Perl, PHP
• Analyze and identify security vulnerabilities in source code using both automated and manual static analysis tools and techniques
• Train and assist developers in writing secure software and remediating existing vulnerabilities
• Provide oversight to peers on service lines through QA process
• Mentor and assist team members in effectively delivering assessments and enhancing skillsets
• Present detailed penetration test findings to clients and assist in remediation planning
• Engage in research to develop new penetration testing methods, tools, and innovative exploit techniques
• Contribute to the cybersecurity community through tools, presentations, white papers, and blogging
• Maintain consistency with other internal requirements related to day-to-day administration tasks (time keeping, status updates to clients, etc.)

Minimum Qualifications:

• Minimum of 3-5 years of experience in application security including both secure code review and web application penetration testing
• Exceptional familiarity in all Burp Suite functions. Published Burp extensions and ability to create new Burp Suite extensions preferred
• Detailed understanding of the OWASP Top 10 and CWE Top 25 issues with focus on ability to identify and remediate vulnerability in source code
• Ability to explain risk and business impact of security vulnerabilities to variety of audience
• Bachelor’s degree or higher, preferably in Computer Science, Engineering, Mathematics, IT, or a related field; equivalent experience will also be considered.
• Willingness to travel up to 25%

Preferred Qualifications:

• Ability to provide technical and QA oversight on Web Application Penetration Testing and Secure Code Review service lines.
• Experience in detecting, analyzing and providing recommendation guidance on security vulnerabilities using SAST and/or manual secure code review in at least two of the following languages: Java, C#, PHP, Python, C/C++
• Experience in software development in at least one server-side programming language

We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law.  

RISK ASSESSMENT SPECIALIST

OUR PURPOSE

To unlock a sustainable future, we apply our combined expertise to create a positive impact for the planet and future generations.

At Matrix Solutions we collaborate across services, disciplines, and geographies to solve environmental challenges together – motivated to do better for our clients, each other, and the communities where we live and work. We deliver responsive, locally connected, and scalable solutions to help our clients achieve their ambitious goals for a more sustainable and resilient future.

WHO WE ARE

One of Canada’s leading providers of environmental consulting and engineering services. With a proud history of nearly 40 years delivering innovative, pragmatic, and sustainable solutions for public and private sector clients. Matrix is a proud part of Montrose Environmental Group, with a network of teammates across 90+ locations around the world.

WHAT WE DO

We partner with clients and communities to solve challenges. It’s our job to unlock solutions that shape a resilient future where our clients, people, communities, and environment thrive.

OUR COMMITMENT TO DIVERSITY, EQUITY AND INCLUSION

Our team is made up of diverse people working collaboratively towards common goals. We value the contributions and perspectives of all employees and are committed to equity and diversity initiatives to create a feeling of belonging for all of our people. When we are inclusive and diverse in a way that reflects the broader world we serve, we are able to draw from a wider community of excellence within the regions we operate.

Are you looking to…

• Influence the framework and lead the growth of a fast-growing technical practice in risk assessment
• Bring your strong background in toxicology and risk assessment to work alongside our technical lead of Risk Assessment and Risk Management
• Work on challenging and exciting projects from the routine to the technically complex and bring them to closure using risk assessment approaches
• Lead the way in working with regulators to advance risk assessment as a closure tool
• Work with technical experts from across a broad spectrum to help build your approach to projects
• Have autonomy and the opportunity to interact and work with a community of technical experts from other Matrix regions.
• Partner with extensive, long-standing clients such as municipal governments, conservation authorities, academia, and private industry.

As a Risk Assessment Specialist, you will be part of the foundation of our human health and ecological risk assessment (HHERA) group. Candidates can be based in any Matrix office location. The successful applicant will be involved in a broad range of risk assessment, risk management and toxicology projects with responsibilities as follows:

• Maintain a strong working knowledge of federal and provincial risk-based regulations
• Act as Technical Accountable for HHERA for a variety of clients for risk-based management of contaminated sites across Canada
• Provide support as an expert witness if/when needed in the regulatory approval process
• Provide senior review for quality assurance of technical risk assessment and risk management reports
• Conduct presentations on regulatory changes to other Matrix technical teams and our clients on an as-needed basis
• Provide leadership to a team of professionals who conduct HHERA across Canada, often in addition to providing other contaminated sites expertise
• Work with risk assessment practitioners and contaminated sites project managers to advance risk assessment and risk management skills among Matrix personnel
• Promote site-specific risk assessment and risk management services within Matrix and externally to clients
• Lead or contribute to site-specific risk assessment business development opportunities across Canada and provide strategic proposals and budgets for new work opportunities
• Regularly and effectively communicate with regulators, clients, and technical staff
• Maintain risk assessment and risk management models and provide training to practitioners
• Develop and maintain a hazard assessment resource library (e.g., current toxicological profiles).

What We Are Looking For

• Minimum of 12 years practicing risk assessment and applying Canadian risk assessment protocols
• M.Sc., M.Eng., or Ph.D. in toxicology, biology, applied chemistry, environmental science, environmental engineering, or related discipline(s)
• Eligibility or current Professional designation in a relevant association
• Comprehensive understanding and experience using federal and provincial guidelines and risk assessment frameworks
• Strong organizational, interpersonal and communication skills with the ability to lead and mentor project teams
• Valid driver’s license and a satisfactory driving record.

Why Choose Matrix

At Matrix you will be part of an amazing community of collaborative people who live our purpose and values and bring industry-leading technical expertise to their work every day. We offer a comprehensive compensation package, which includes RRSP matching, vacation + ‘Me’ days, and benefits. We are also committed to flexible work hours and schedules, team-based work, and cross-training opportunities.

Click the Apply button.

Are you the one we're looking for? Please apply to us directly . As a note, we are not accepting third party agency applicants at this time.

Matrix is committed to providing a safe and productive work environment and to promoting the health, safety and well-being of our employees. In keeping with our Health & Safety Policy, individuals in safety sensitive positions are subject to pre-employment, pre-access (and in some client cases, random) alcohol & drug testing as well as drivers abstract reviews.

Applicants must have legal authorization to work in Canada with no restrictions.

We welcome and promote diversity and inclusion in our workplace and encourage applications from all qualified individuals. Matrix provides support in its recruitment processes to applicants with disabilities; including accommodation that takes into account an applicant’s accessibility needs. Candidates requiring accommodation during the recruitment process are asked to contact Human Resources directly.

Please follow us on LinkedIn (@Matrix Solutions Inc.) for ongoing updates about our people and business.

For more information about Matrix Solutions, please visit and don’t forget to our bookmark our careers page.

While we appreciate all applications we receive, we advise that only candidates under consideration will be contacted.