Offensive Security Analyst

Build the future with us

Are you passionate about information security and looking to contribute to the mission of a company dedicated to ensuring its clients feel confident and secure about their future? As an Offensive Security Analyst, you will play a key role in strengthening our proactive security posture.

This position is a great opportunity to showcase your expertise and fully leverage your potential within a caring and trustworthy organization. Here, people and their development are at the heart of our priorities, fostering an environment that encourages collaboration and innovation.

As an Offensive Security Analyst, you will be at the heart of our mission. Here are your main responsibilities:

• Plan and perform intrusion tests on web applications, APIs, cloud environments, internal infrastructures, and more.
• Set up and participate in purple team exercises simulating real attack scenarios to enhance detection and response capabilities.
• Collaborate with defensive teams to validate controls and improve threat detection mechanisms.
• Document findings, provide remediation recommendations, and present results to both technical and non‑technical stakeholders.
• Stay informed about emerging threats, tools, and techniques in offensive security. Work with a high degree of autonomy and initiative, while aligning with team goals and the organization’s overall security strategy.

We are looking for someone who:

• Is recognized for their knowledge of the OWASP Top 10, MITRE ATT&CK, and threat‑modeling frameworks, as well as their demonstrated ability to perform various types of intrusion tests, including on‑premises, cloud or hybrid infrastructure, web applications, Active Directory, and mobile environments.
• Stands out for their ability to effectively use specialized offensive security tools such as Burp Suite, Nmap, Nessus, BloodHound, Metasploit, Cobalt Strike, or other equivalent tools commonly used in offensive security.
• Demonstrates a strong ability to simplify complex technical concepts, clearly communicate the impact of identified vulnerabilities, and effectively engage with a wide range of stakeholders.
• Is recognized for their autonomy, initiative, and active contribution to knowledge sharing within the team, while closely collaborating with defensive teams.
• Has 3 to 5 years of experience in offensive security as well as 7 years of experience in information technology (IT).
• Has an intermediate level of English and French proficiency, as the role requires writing documentation in English and participating in meetings with English‑speaking partners on a weekly basis.

The following criteria will be considered strong assets:

• Certifications such as OSCP, OSWE, OSEP, CRTP, GPEN, CPTS, or other equivalent credentials.
• Experience in scripting (Python, Bash, PowerShell) for automation and exploit development.
• Experience in security control bypass (e.g., malware development), and familiarity with SIEM/SOAR platforms and detection engineering.
• Experience with Infrastructure as Code, such as Terraform.
• A background in networking or software development.

• A work environment where learning and development go hand in hand with a collective pursuit of excellence.
• A healthy, safe, fair, and inclusive environment where everyone’s potential can be expressed and developed freely.
• The ability to work in a hybrid environment supported by flexibility and access to inspiring and innovative workspaces.
• A competitive benefits package: flexible group insurance, a competitive pension plan, an employee share purchase plan, vacation and wellness/personal development days, telemedicine, an employee and family assistance program, ergonomic equipment program, performance bonus, discounts on iA products, and more!

Apply now and take charge of your career—where your talent truly matters!

Not sure whether to apply?

At iA, we believe in potential and value diverse experiences. If this role inspires you, go ahead and apply—your place may be with us, and we want to get to know you!