New Job Senior Cyber Security Specialist (Penetration Tester) In Ontario


Company : Ministry of Government and Consumer Services
Salary : $74,877 - $110,338 a year
Location : Ontario

Full Description

About Us
The Cyber Security Division of the Ontario Public Service (OPS) proudly believes in our mission to protect the Ontario Government, public services and clients from a diversity of cyber threats.

Here is your opportunity to apply your information security expertise in red teaming, penetration testing and vulnerability assessments in a high profile environment where customer service is critical to success. Join a highly skilled group of professionals within the Cyber Security Division, Ministry of Government and Consumer Services.

Join Our Team
We are looking for a Senior Cyber Security Specialists with an in-depth understanding of security tools and applied practices. This is a technical and creative role, for a person who is enjoying being methodical in exploring new opportunities. Along with strong technology acumen and keen analytical skills, you'll have the ability to think strategically and creatively, with the capacity to push conventional boundaries, aiming to deliver best in class cyber protection services.

Start your career with the OPS
We are re-thinking how we deliver services through various initiatives, modernization initiatives and how we access and deliver critical services remotely. We are striving to enable a future-ready OPS workforce through a technology focused enterprise-wide strategies.

The Ontario Public Service (OPS) offers a competitive compensation package. We support career and leadership development, invest in learning opportunities, and recognize team and individual achievements, and support flexible work arrangements

What can I expect to do in this role?

In this role you will:

  • Lead the conduct of red team exercises, penetration tests, web application and network vulnerability assessments of environments or applications related to the OPS province-wide I&IT infrastructure and information resources.
  • Prepare formal assessment reports, briefing notes, memos and summaries for senior management.
  • Provide technical expertise, training and advisory services in vulnerability management and information systems security.
  • Develop and maintain team consultative processes with division colleagues to strengthen collaborative efforts on cyber security practices.

How do I qualify?


  • You have experience in identifying, analyzing and exploiting common vulnerabilities contained in web applications, using both manual techniques and automated tools appropriate for enterprise use.
  • You have experience with vulnerability assessment methodologies, tools and techniques used to conduct network vulnerability assessments and penetration testing.
  • You have demonstrated experience in leading vulnerability assessments in a large environment with diverse systems and of common attacks, common web application vulnerabilities, exploits and best practices for remediation.
  • You have knowledge of IT security methodologies, tools, techniques, security design and architecture, threat/risk concepts and practices, and encryption technologies.
  • You have the ability to acquire and interpret corporate I&IT security strategy, programs, the government's trust model, and privacy legislation.


  • You have oral and written communication, mediation, negotiation, consultative and advisory skills.
  • You have experience with writing reports aimed at both the executive/non-technical management level and technical analyst level.
  • You have skills to provide training in the use of commercial security assessment tools and scanners.
  • Your stakeholder management, partnership and relationship building skills allow you to initiate and nurture strong working relationships with internal and external colleagues.


  • You have working experience with a variety of operating systems, programming and scripting languages, platforms, and both common and obscure network services and protocols.
  • You have an understanding of emerging I&IT trends, best practices and developments in common attacks, common web application vulnerabilities, exploits and best practices for remediation.


  • You can provide leadership, advice and direction on business risk planning and co-ordination.
  • Your project methodology and management skills allow you to provide project planning and technical leadership on concurrent projects.


  • You have demonstrable analytical and problem solving skills to determine alternative and innovative solutions where guidelines or policies exist but may not address new and emerging I&IT trends.
  • You can conceptualize, interpret and evaluate security exposures across multiple domains.

OPS Commitment to diversity, inclusion, accessibility, and anti- racism:

We are committed to build a workforce that reflects the communities we serve and to promote a diverse, anti-racist, inclusive, accessible, merit-based, respectful and equitable workplace.

We invite all interested individuals to apply and encourage applications from people with disabilities, Indigenous, Black, and racialized individuals, as well as people from a diversity of ethnic and cultural origins, sexual orientations, gender identities and expressions.

Visit the OPS Anti-Racism Policy and the OPS Diversity and Inclusion Blueprint pages to learn more about the OPS commitment to advance racial equity, accessibility, diversity, and inclusion in the public service.

We offer employment accommodation across the recruitment process and all aspects of employment consistent with the requirements of Ontario's Human Rights Code. Refer to the application instructions below if you require a disability-related accommodation.

Additional Information:

  • 1 Permanent, 222 Jarvis St, Toronto, Toronto Region, Criminal Record and Judicial Matters Check (Fingerprint Based), Canadian Border Services Check, Credit History Check, Driver's License History, Intelligence, Local Police Databases Search, PIP/NICHE/RMS, Social Networking Search

Compensation Group:
Association of Management, Administrative and Professional Crown Employees of Ontario

Understanding the job ad - definitions

Information Technology

Posted on:
Monday, November 1, 2021

  • In accordance with the Ontario Public Service (OPS), Employment Screening Checks Policy (ESCP), the top candidate(s) may be required to undergo a security screening check. Refer to the above to determine the screening checks that are required for this position.

    Required security screening checks along with your written consent, will be sent to the Transition and Security Office (TSO), Talent Acquisition Branch (TAB), HR Service Delivery Division (HRSDD) to evaluate the results. If applicable, the TSO, with your written consent, will request and obtain any additional employment screening checks that were not obtained directly by you.

    A record under the Criminal Code and/or other federal offence record(s) does not automatically mean you will be ineligible for the position. The employment screening check(s) will only be reviewed and evaluated by the TSO for the purpose of making a security clearance decision. The details of an individual's employment screening check(s) will be considered in specific relation to the duties and responsibilities of the position being filled. Employment screening check records will be maintained by the TSO and kept strictly confidential.
  • E-MG-170877/21