Penetration Tester / Ethical Hacker – Visa Support Provided

About the Company

CGI Inc. is among the largest IT and business consulting services firms in the world, committed to helping clients achieve their business goals by harnessing the power of technology. With a global presence and a robust team of professionals, CGI delivers end-to-end services, from IT strategy and consulting to systems integration, managed services, and intellectual property solutions. We pride ourselves on our client proximity model, fostering strong relationships and delivering localized expertise.

Job Description

We are seeking a skilled and passionate Penetration Tester / Ethical Hacker to join our dynamic cybersecurity team. This role is crucial for identifying vulnerabilities, assessing risks, and strengthening the security posture of our diverse client systems and applications. You will be responsible for conducting comprehensive penetration tests, analyzing findings, and providing actionable recommendations to enhance security defenses. We actively support international talent and offer visa sponsorship for qualified candidates looking to relocate and contribute to our team in Windsor, Ontario.

Key Responsibilities

• Conduct thorough penetration tests on web applications, mobile applications, network infrastructure, and cloud environments.
• Perform vulnerability assessments and generate detailed reports outlining identified risks and remediation strategies.
• Develop and execute test plans, leveraging both automated tools and manual techniques.
• Simulate real-world attacks to identify weaknesses and evaluate the effectiveness of existing security controls.
• Collaborate with development and operations teams to prioritize and track remediation efforts.
• Stay current with the latest cybersecurity threats, attack techniques, and industry best practices.
• Contribute to the continuous improvement of our security testing methodologies and tools.
• Provide clear, concise, and actionable security recommendations to technical and non-technical stakeholders.
• Participate in incident response activities as needed.

Required Skills

• Minimum 3 years of experience in penetration testing, ethical hacking, or security consulting.
• Strong understanding of network protocols, operating systems (Windows, Linux), and web technologies.
• Proficiency with common penetration testing tools (e.g., Burp Suite, Nmap, Metasploit, Nessus, Wireshark).
• Solid knowledge of OWASP Top 10, SANS Top 25, and common attack vectors.
• Experience with scripting languages (e.g., Python, Ruby, PowerShell) for automation and exploit development.
• Familiarity with cloud security principles and testing (AWS, Azure, GCP).
• Excellent analytical, problem-solving, and communication skills.
• Ability to work independently and as part of a collaborative team.

Preferred Qualifications

• Relevant industry certifications (e.g., OSCP, CEH, GPEN, GWAPT, OSWE).
• Experience with static/dynamic application security testing (SAST/DAST) tools.
• Familiarity with security frameworks and compliance standards (e.g., NIST, ISO 27001, PCI DSS).
• Experience with purple teaming or red teaming exercises.
• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field.

Perks & Benefits

• Competitive salary and performance-based bonuses.
• Comprehensive health, dental, and vision insurance.
• Generous paid time off and holidays.
• Retirement savings plan with company match.
• Professional development and training opportunities, including certification reimbursement.
• Visa sponsorship and relocation assistance for eligible candidates.
• Hybrid work model for flexibility.
• Dynamic and collaborative work environment.
• Employee assistance program.

Apply Now