You're using an older version of Internet Explorer that is no longer supported. Please update your browser.

Senior Consultant, Vulnerability Management - Pen Testing

Vancouver, BC
Full Time
7 days ago
Job Type: Permanent 
Primary Location: Vancouver, British Columbia, Canada 
All Available Locations: Vancouver; Toronto 
Be encouraged to deepen your technical skills...whatever those may be.
Partner with clients to solve their most complex problems.
Enjoy flexible, proactive, and practical benefits that foster a culture of well-being and connectedness. 

Our Vancouver and Toronto practice is growing and we are seeking a new Senior Consultant to join our talented team!

What will your typical day look like? 

As a Senior Consultant, you will:
  • Work with a diverse team of talented cyber security professionals across Canada
  • Work with unique clients with a diverse range of technology and cyber needs
  • Perform network & infrastructure, web & mobile application, and internet-of-things (IoT) penetration testing assignments and projects
  • Perform related assessments such as red teaming, social engineering (e.g. phishing and vishing), and physical security penetration testing
  • Perform security configuration reviews of different platforms such as switches, routers, operating systems, firewalls, cloud services, and others
  • Develop high quality penetration testing and other cyber security-related reports for business and technical stakeholders
  • Present penetration testing results and other cyber security-related information to business and technical stakeholders
  • Develop practical recommendations for clients to remediate identified cyber security issues, and communicate these effectively with business and technical stakeholders
  • Perform stakeholder management, including presentations, status updates, and reports for clients and internal team members / leaders
  • Perform quality reviews of penetration testing reports
  • Support/lead vulnerability management programs for clients
  • Consider vulnerability management and penetration testing within the broader security architecture and provide holistic and practical insights
  • Assess security architecture of solutions to identify weaknesses and opportunities for improvement to strengthen the cyber security posture
  • Provide training to clients and/or colleagues in penetration testing methodology and/or execution
  • Research and develop new techniques, tactics, and procedures for security assessments and penetration testing

About the team 

In a rapidly changing world where information has a significant value, supply chains are interconnected and there is uncertainty when doing business on a global basis, information security and privacy have become board level issues.  Deloitte's Cyber Risk Services helps our clients to be Secure, Vigilant and Resilient in the face of an ever increasing array of cyber threats and vulnerabilities. Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions, using proven methodologies and tools. Our services help organizations address timely and pervasive issues such as identity theft, data security breaches, data leakage, cybersecurity, and system outages across organizations of various sizes and industries, with the goal of enabling ongoing, secure, and reliable operations across the enterprise. The environment at Deloitte is made up of intellectually curious, smart people; including world class security and privacy experts. Your mix of work will help foster your leadership skills and you will develop relationships with a team that you respect and have fun with. In addition, you will have the opportunity to identify areas of work that are of particular interest to you.


Enough about us, let's talk about you 

What you need
  • Minimum 4 years of relevant work experience in vulnerability management and penetration testing
  • Expertise in penetration testing of Web Applications, Mobile Applications and Thick Client Applications, SOAP & REST APIs, and Network Infrastructure
  • Ability to communicate technical information to both business and technical audiences (including in reports and presentations)
  • Ability to provide technical and non-technical training to peers and other consultants
  • Experience in researching and understanding new vulnerabilities and exploits
  • Experience in preparing and reviewing penetration testing reports
  • Experience using commercial and open-source vulnerability assessment tools (e.g. Qualys, Nessus, BurpSuite, Nmap)
  • General understanding of network components and server management, including routers, switches, firewalls, Windows, Linux etc.
  • Previous consulting firm experience is an asset
  • Experience in common software vulnerability standards such as CVE, CVSS scoring as well as research and testing methodologies like OWASP Top 10 and SANS Top 25.
  • Comprehensive experience in information security and aligned qualifications in security standards, such as ISO 27001 or equivalent is a plus
  • Experience executing social engineering is an asset
  • Experience with programming/scripting languages (such as Pearl, Python, Ruby, SQL) is an asset
  • Strong time management skills
  • Self-directed, with the ability to thrive in a fast-paced and dynamic environment
  • Strong analytical and problem solving skills, and the ability to articulate complex concepts in a clear and concise manner.
  • Ability to present ideas and results to technical and non-technical audiences
  • Obtained or interested in pursuing relevant professional designations, such as OSCP, SANS GWAPT, SANS GPEN, SANS GMOB, SANS GXPN or CISSP. 

Why Deloitte?
Launch your career with The One Firm where you can make an impact that matters in a way that you never thought possible. With endless opportunities at every turn, and a culture built to support and develop our people to be the very best they can be, Deloitte is The One Firm for you to learn, grow, create, connect, and lead. We do this by making three commitments to you:
  • You will lead at every level: We grow the world's best leaders so you can achieve the impact you seek, faster.
  • You can work your way: We give you the means to be flexible in how you need and want to work, and we have innovative spaces, arrangements and the mindset to help you be wildly successful.
  • You will feel included and inspired: We create a deep sense of belonging where you can bring your whole self to work.

The next step is yours
Sound like The One Firm. For You?
At Deloitte we are all about doing business inclusively - that starts with having diverse colleagues of all abilities!  Deloitte encourages applications from all qualified candidates that represents the full diversity of communities across Canada. This includes candidates from Indigenous communities in support of living our values and our commitments to our Reconciliation Action Plan  . We encourage you to connect with us at if you require an accommodation in the recruitment process, or need this job posting in an alternative format. We'd love to hear from you!
By applying to this job you will be assessed against the Deloitte Global Talent Standards. We've designed these standards to provide our clients with a consistent and exceptional Deloitte experience globally.
Deloitte Canada has 30 offices with representation across most of the country. We acknowledge our offices reside on traditional, treaty and unceded territories as part of Turtle Island and is still home to many First Nations, Métis, and Inuit peoples. We are all Treaty people.

Manufacturing and Production