Security Specialist

Our Client is looking for a Senior Security Specialist with strong experience across penetration testing, red team exercises, threat hunting, vulnerability assessments, source code review, and network and application security .

The successful candidate will support cybersecurity initiatives across Ontario Provincial Police and OPS province wide I&IT infrastructure, applications, systems, and information resources. This role requires hands-on offensive security

expertise, strong technical analysis, and the ability to document risks and provide recommendations to both technical and executive audiences.

Key Responsibilities Conduct penetration tests, vulnerability assessments, source code reviews, network vulnerability assessments, threat hunting activities, and red team exercises Identify, analyze, and exploit common vulnerabilities in web applications, networks, systems, and enterprise environments Use manual testing techniques and enterprise-grade automated tools to assess security posture Lead or support red team exercises to simulate cyber attack scenarios and identify exploitable weaknesses Conduct network threat hunting and assess suspicious activity, attack paths, and potential compromise indicators Define, evaluate, and assess security requirements and safeguards for system environments and IT projects Identify gaps or weaknesses in security architecture and recommend mitigation strategies Ensure IT security and contingency measures are incorporated into system development and secure deployment Advise on security risks, privacy concerns, vulnerabilities, and compliance with relevant security standards Support I&IT security projects and tasks as assigned by the OPP Chief Security Office and/or cluster I&IT management Prepare clear reports, document risks, and provide recommendations for technical teams, business stakeholders, and executive management M ust-Have Experience 10 plus years of experience in penetration testing, red team tactics, threat hunting, or network and application security

Strong experience conducting penetration tests and vulnerability assessments

Strong experience with red team tools, techniques, tactics, and strategies

Strong experience with network threat hunting and network vulnerability assessments

Experience reviewing source code and identifying security weaknesses

Experience writing security reports, documenting risks, and presenting recommendations to diverse audiences

Strong understanding of security architecture, application security, and network security testing

Required Skills Hands-on experience with web application security testing

Experience identifying and exploiting common application and infrastructure vulnerabilities

Knowledge of vulnerability assessment methodologies, tools, and techniques

Knowledge of secure system design, security safeguards, and security controls

Ability to assess security requirements across complex and distributed systems

Knowledge of security technologies such as encryption, access controls, firewalls, authentication, digital signatures, and malware protection

Working knowledge of security audit procedures and protocols

Experience establishing secure environments at the network, operating system, or application level

Strong analytical, problem-solving, and decision-making skills

Strong written and verbal communication skills

Ability to manage competing priorities, meet deadlines, and work with multiple stakeholders

Nice-to-Have Skills Public sector experience

Experience in law enforcement, public safety, or highly sensitive environments

Experience with Windows and Linux operating systems

Experience with programming languages such as .NET and Java

Experience with DAST, SAST, source code review, log collection, and log analysis

Experience with IDS, IPS, SIEM, network monitoring, and threat hunting tools

Experience with incident response, forensic investigation, business recovery, and disaster recovery planning

Experience performing threat and risk assessments

Experience with Public Key Infrastructure

Knowledge of Information Management principles, concepts, policies, and practices

Experience with secure design frameworks and agile delivery environments