Senior Security Consultant (Web Application Penetration Tester)
Ten Eleven Ventures
NetSPI® is an award-winning pioneer of Penetration Testing as a Service (PTaaS) with its AI-powered platform supported by more than 350 in-house cybersecurity experts. Specializing in 50+ pentest types, attack surface visibility, vulnerability prioritization, and attack simulation, NetSPI delivers security testing with unprecedented clarity, speed, and scale.
NetSPI is on an exciting growth journey as we disrupt and improve the proactive security market. We are looking for individuals with a collaborative, innovative, and customer-first mindset to join our team. Learn more about our award-winning workplace culture and get to know our A-Team at
Join the mission as a Senior Security Consultant. We are seeking a skilled and detail-oriented Penetration Tester to conduct thorough security assessments, identify vulnerabilities, and provide expert recommendations to strengthen our clients' security posture. As a Penetration Tester supporting web applications, you will work closely with clients to deliver clear, actionable reports and contribute to the development of security best practices.
Responsibilities
- Conduct engagements on web applications and underlying APIs independently and provide technical oversight
- Review reports for accuracy in technical oversight, perform weekly QA oversight, and provide mentoring support to others
- Create, deliver, and collaborate on penetration testing reports in diverse client environments, maintaining client-specific processes, reporting standards, and access protocols to help improve their security posture
- Research and develop innovative techniques, tools, and methodologies for penetration testing services, alongside commitment to improvement and execution on NetSPI specific products and processes
- Participate in development, implementation, and oversight of testing, delivery, and management strategies for key client accounts
- Perform administrative tasks related to day-to-day consulting activities to ensure smooth business and engagement operations.
Minimum Qualifications
- Bachelor’s degree or higher, with a focus on IT, Computer Science, Engineering or Math or equivalent experience
- Minimum of 3-5 years of work experience in Penetration Testing
- Familiarity with offensive tools, based on applicable skillset (e.g., Kali Linux, Burp Suite, Metasploit, Nessus)
- Familiarity with offensive and defensive IT concepts and protocols
- Extensive understanding of the OWASP Top 10, MITRE ATT&CK framework, and various security frameworks.
- Working knowledge of Windows, Linux and MacOS operating systems internals
- Experience mentoring or coaching to growing team members, while sharing knowledge externally through blogs, hosting webinars, or presenting at conferences
- Ability to work independently and as part of a team
- Proficient communication skills, both written and verbal
- Willingness to travel up to 5-10%
- This position requires an 8-hour workday, with occasional evenings or weekends necessary to meet project deadlines or critical needs
Preferred Qualifications
- Ability to provide technical and QA oversight on web applications and underlying APIs.
- Experience in one or more of the following programming or scripting languages (e.g., Ruby, Python, Perl, C, C++, Java, and C#)
- Offensive cybersecurity certifications (e.g., GXPN, GPEN, OSCP, GWAPT)
We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law.
#J-18808-Ljbffr- What is the opportunity? The Application Security team is undertaking multiple complex enterprise-wide initiatives to improve the security and quality of RBC applications. Reporting to the Senior Manager of Penetration Testing, you will provide application penetration testing...SeniorWebFull timeInterim roleFlexible hours
$98k - $167k per year
Cyber Security Manager - Penetration Tester 2 weeks ago Be among the first 25 applicants We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize...SeniorWebFull time$82.8k - $154.8k per year
...Application Deadline:08/27/2026Address:VIRTUAL59 - REMOTE/TELETRAVAIL... ...workDirectly influence the security of Network\Cloud environments... ...volumeFocus on deep, manual penetration testing (Network, Cloud, and... ...-quality engagements versus consulting-style, high-volume work....SuggestedContract workPart timeLocal areaRemote work- Akkodis is looking for an Expert Penetration Tester for a hybrid remote position in Toronto, tasked with executing critical security assessments and penetration testing. This contract... ...networks and systems • Execute application security and cloud security evaluations...SuggestedContract workManual laborRemote work
- Advance your career with RSM as an Application Security Consultant. Focus on manual penetration testing and security assessments while collaborating across multiple technology stacks. RSM is on the lookout for a skilled Offensive Security Consultant to lead dynamic application...Web
$88k - $132k per year
Senior Consultant - Oracle Application Security & GRC Location: Toronto Date: Apr 14, 2026 The Opportunity EY is looking for dynamic individuals in the Oracle Applications Security and GRC space for on‑premise and cloud applications. These professionals will know how to...Senior$113k - $163k per year
...anywhere you want to go. We are seeking an experienced Senior Application Security Specialist to join our team. The successful candidate will... ...prioritized, and actionable remediation results. Conduct penetration testing, code scanning, secrets management (GitGuardian),...SeniorLocal areaFlexible hours- Lead application security initiatives with a focus on threat modeling as a consultant in downtown Toronto. This role combines strategic leadership, security testing, and risk assessment. As an Application Security Risk Consultant for a 12-month contract, you will spearhead...Contract work
- Tata Consultancy Services (TCS) is an equal opportunity employer, and embraces diversity in race, nationality, ethnicity, gender, age, physical... ...platform ensuring Zero Trust, compliance, auditability and secure SDLC integration. Total Experience: 4-6 years Required Skills...Senior
$120k - $150k per year
...using agile methodologies to build and support an AWS cloud native application for the financial services industry. We are looking for... ...Computer Science, or equivalent. 6+ years of experience with web application development. 2+ years of experience with Node.JS /...SeniorWebFlexible hours- ...Expert working knowledge of web base development technologies... ...an enterprise wide proprietary application to manage most aspects of its... ...parameters for testing, including consulting on the data and code that need... ...requirements and support the Senior Director where decisions are required...SeniorWeb
- Become an Oracle Fusion HCM Application Tester focusing on ensuring the functionality and performance of Oracle Fusion applications. Your role entails rigorous testing of key HR modules. This opportunity requires a QA tester with over five years specializing in Oracle Fusion...
$180k - $280k per year
...tools. About The Role The security team is responsible for and committed... .... Sentry is looking for a Senior Security Engineer to join our... ...security team, working across application and platform security domains... ...solutions aligned with Secure-by-Design concepts and standards...SeniorHourly payWork at office- Join to apply for the Senior Application Consultant – Braze role at VML Enterprise Solutions 4 days ago – Be among the first 25 applicants Are you eager to learn about innovative technologies? Would you like to work with some of the awesome internal tools developed...SeniorFull timeInternship
- Accenture is hiring a Lead Web Application Developer, focusing on Java Spring Boot and AWS integration. Elevate your career by leading application... ...Application Lead, you will drive the design and development of secure web applications while collaborating closely with product teams...Web
- Elevate application security with Manulife as a Senior Application Security Specialist. Focus on risk governance, threat monitoring, and ensuring compliance... ...SonarQube for code scanning and validation, conduct penetration testing, and collaborate closely with stakeholders to...Senior
- As a Senior Strategic Security Consultant at Mandiant, part of Google Cloud, you will help clients effectively prepare for, proactively mitigate... ...and malware triage. You may also test client networks, applications, and devices by emulating the latest techniques to help...Senior
- ...days a week work from office Seniority Level - 10+ Years (Senior) Required... ...- ASPM and Threat Modeling Secure coding practices Advanced... ...methodologies - SAST, SCA, DAST, penetration testing. Compliance - OWASP... ...NIST, ISO 27001 SAST (Static Application Security Testing) DAST (...SeniorWork at office3 days per week
- Introduction A career in IBM Consulting is built on long-term client... ...about breaking into applications, networks, systems, databases... ...other technologies to uncover security vulnerabilities and help fix... ...primary duty is to conduct penetration tests against clients’ applications...SeniorWebLong term contractWorldwide
- ...digital transformation journey. As a Senior DevOps Consultant you will be joining CIBC’s ASG (Alternate... ...will collaborate with partners in application delivery, application development,... ...clients feel like they belong. We seek applicants with a wide range of abilities and we...SeniorRemote work
- Manulife seeks a Senior Information Security Consultant to specialize in Risk Governance and Control. Lead comprehensive RCSA efforts and ensure operational resilience across the organization. In this role, you will report to the Director, IRM, and focus on testing controls...Senior
- Elevate security measures for CIBC's web applications as a Senior Security Services Consultant in Toronto. Lead initiatives in managing security technologies such as Akamai ION and WAF within a hybrid work environment. At CIBC, the Security Service Management function protects...SeniorWeb
$205k - $240k per year
...create impact in this role: Security Strategy & Architecture... ...execute Homebase’s multi-quarter Application Security roadmap, aligning security... ...& Culture Partner with senior leaders across Engineering, Product... .... Strong expertise in web application security, cloud‑native...SeniorWebLong term contractTemporary workWork at officeWork from home- 8+ years of experience in application security, secure software engineering, cybersecurity architecture, or related roles Proven experience implementing... ...OWASP Top 10 API Security Top 10 Common software and web application vulnerabilities Hands‑on experience with application...Web
- Elevate your career as a Senior Consultant in Cyber Security Operations Centre with BDO Digital. Leverage your expertise in Microsoft security technologies and incident response to assist clients effectively. In this role, you will utilize your skills as a seasoned SOC investigator...Senior
- ...high‑performing culture. We are looking for a Senior Web Developer to design, build, and scale high quality web applications that support critical business and customer... ...around system design, code quality, performance, security, and mentoring less experienced developers....SeniorWebFlexible hours
$70k - $90k per year
We are looking for a Senior QE Engineer to join our QEA team in a permanent role. You will be responsible for developing and maintaining... ...expectations. Legal requirement Cognizant will only consider applicants for this position who are legally authorized to work in Canada...SeniorPermanent employmentWork at office3 days per week- Description Are you passionate about working with complex web and mobile applications? Do you have expertise in technologies such as Angular,... ...backend integrations (Firebase, AWS, etc.). Strong knowledge of security best practices for web and mobile applications. Conditions...WebWork visa
- ...opportunity to execute and lead various security system projects. Your role will encompass... .... We value diversity and encourage applications from candidates eager to contribute their... ...conditions. Experience coordinating with consultants and contractors on integrated projects....For contractors
- NetSPI® pioneered Penetration Testing as a Service (PTaaS) and leads the industry in modern pentesting. Combining world‑class security professionals with AI and automation, NetSPI delivers... ...class team using top‑tier custom tools. Applicants are expected to leverage strong...SeniorWorldwide
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Senior Security Consultant (Web Application Penetration Tester). Be the first to apply!
- security analyst Toronto, ON
- conseiller en sécurité financière Toronto, ON
- security operations specialist Toronto, ON
- physical security analyst Toronto, ON
- junior security analyst Toronto, ON
- spécialiste en sécurité informatique Toronto, ON
- security analyst remote Toronto, ON
- security consultant Toronto, ON
- application security consultant Toronto, ON
- spécialiste en sécurité Toronto, ON
