Application Security Consultant

The Security Consultant, focusing on Penetration Testing, will join our team of experts in ensuring the integrity and resilience of our clients' IT infrastructure and applications. You'll be able to work flexibly, providing expert guidance and support to our clients as needed.

Conduct thorough assessments of network and application security risks, identify vulnerabilities, and develop recommendations to mitigate potential threats.

Collaborate closely with clients to understand their unique security needs and provide tailored solutions that align with industry best practices and regulatory requirements.

Develop and document pragmatic recommendations and solutions, ensuring our clients receive clear and actionable insights to fortify their digital defenses.

Design and follow testing plans and perform risk assessments and testing of network and web applications.

1. Experience with the full consulting security testing project delivery cycle, including scoping, project kick-off, client-facing communications, and presentation of results to the client.

Synthesize data from multiple sources and present concise, relevant information for key parties.

Use various tools to discover vulnerabilities, such as cross-site scripting, SQL injection, cross-site request forgery, and remote code execution.

Foster transparent communication and expectation management with key stakeholders, ensuring seamless information flow, updates, and documentation.

Remain agile and responsive, undertaking any related duties necessary to ensure our security practices' efficacy and integrity.

Demonstrated expertise in conducting comprehensive application security assessments, network penetration testing, and vulnerability assessments.

Strong understanding of web application development frameworks, protocols, and security principles.

Proficiency in utilizing various security assessment tools and frameworks, including but not limited to Kali Linux, Nessus, Burp Suite, CIS benchmarks, MITRE ATT&CK, etc.

1. Proficient in identifying and exploiting Active Directory misconfigurations, with the capability to deliver clear remediation strategies to resolve vulnerabilities within the environment.

Excellent written and verbal communication skills with the ability to convey complex technical concepts to non-technical stakeholders.

1. Ability to work independently and collaboratively in a fast-paced environment, with a strong commitment to delivering high-quality results on time.

Passion for cybersecurity and a continuous learning mindset to stay ahead of emerging threats and technologies.

A positive, can-do, customer-focused attitude.

1. Relevant certifications such as CEH and OSCP/OSWE are highly desirable.

Proficient with M365 suite of products.

Demonstrated ability to communicate effectively with team members from a variety of disciplines, cultures, and backgrounds.

1. Must legally be entitled to work in Canada.

Bonus: Fluency in additional languages, enhancing your ability to support our international clientele effectively.

The DNA of Mirai Security was forged out of Vancouver’s cyber security community by members who wanted to do security better. Our culture is defined by our purpose, core values, and people. We seek out employees who are passionate about contributing to our company culture, our growth within the industry, and the greater cyber security community. You will be a great fit for us if you share our core values of Integrity, Care, Diversity, Growth-Mindset, and Innovation.

We're a remote-first company and are proud to offer competitive salaries, including merit increases as well as performance bonuses. We also offer a comprehensive benefits package (including but not limited to health, dental, and vision), continuous learning opportunities, and community networking.

At Mirai Security, we want you to be confident bringing your whole self to work—we’re proud to be an inclusive company with a diverse team and values grounded in ethics and equality.

While we thank all applicants for their interest, only shortlisted applicants will be contacted.