Senior Offensive Security Advisor at Desjardins

Montreal, Quebec, Canada -

Full Time

Start Date

Immediate

Expiry Date

17 Apr, 26

Salary

0.0

Posted On

17 Jan, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Offensive Security, Penetration Testing, Threat Modeling, Vulnerability Detection, Application Security, Infrastructure Operations, Risk Assessment, Cybersecurity, Diagnostics, Research, Innovative Methodologies, Asset Recognition, Interpersonal Skills, Strategic Mindset, French Proficiency, MITRE ATT&CK Framework

Industry

Banking

Description

As a Senior Offensive Security Advisor, you help identify, analyze, eradicate and mitigate threats to Desjardins Group’s external systems. You plan for threats based on the continuous development of offensive techniques and threat actors. You design, develop and implement offensive methods and tools, while mitigating the risks associated with their use. You follow rigorous processes and develop new ones to protect the organization from cyberattacks. You’ll have access to a diverse range of cutting-edge offensive tools and the opportunity to continuously test to identify, analyze and exploit vulnerabilities. More specifically, you will be required to: Discover and map out exposed assets and services: configure and develop discovery tools to maintain a complete and up-to-date inventory. Identify and analyze major issues. Create diagnostics and make recommendations based on different constraints. Analyze, map and explain threats to guide test activities. Analyze, map and explain REALISTIC threats identified on the external perimeter. Identify exploitable vulnerabilities: Combine manual and automated approaches to identify vulnerabilities. Continuously monitor the external perimeter: Perform non-regression tests to prevent the vulnerabilities from returning. Work with experts to strengthen the overall security posture. Facilitate technical workshops to generate detailed analyses and feed risk assessments. Conduct research and develop innovative methodologies to improve asset recognition and vulnerability exploitation. Independently manage assigned files: organizing meetings, managing schedules and priorities, and gathering the required information. What we offer* Competitive salary and annual bonus 4 weeks of flexible vacation starting in the first year Defined benefit pension plan that provides predictable, stable income throughout retirement Group insurance including telemedicine Reimbursement of health and wellness expenses and telework equipment * Benefits apply based on eligibility criteria. #LI-Hybrid What you bring to the table Bachelor’s degree in IT or a related field A minimum of six years of relevant information security experience, including 3 years of penetration testing (Pentest or Red Team) Please note that other combinations of qualifications and relevant experience may be considered Experience using threat modeling methodologies such as STRIDE and OWASP or comparable experience visually representing data and process flows in a corporate environment Experience in vulnerability detection through bug bounty initiatives Experience making recommendations and putting people into action Experience analyzing source codes and identifying vulnerabilities Advanced proficiency in French, both spoken and written Proficiency in application security and infrastructure operations Knowledge of defence mechanisms and business controls Familiarity with the MITRE ATT&CK framework Action oriented, Customer Focus, Differences, Interpersonal Savvy, Nimble learning, Strategic mindset Trade Union (If applicable) At Desjardins, we believe in equity, diversity and inclusion. We're committed to welcoming, respecting and valuing people for who they are as individuals, learning from their differences, embracing their uniqueness, and providing a positive workplace for all. At Desjardins, we have zero tolerance for discrimination of any kind. We believe our teams should reflect the diversity of the members, clients and communities we serve. If there's something we can do to help make the recruitment process or the job you're applying for more accessible, let us know. We can provide accommodations at any stage in the recruitment process. Just ask! Job Family Security (FG) Unposting Date 2026-02-11 Desjardins Group is the largest cooperative financial group in North America. We're the choice for over 52,000 employees and we're named one of Canada's top employers by Mediacorp and Forbes. We offer a full range of financial products and services and share our expertise in personal services, business services, wealth management, life and health insurance, and property and casualty insurance. Pursuing a career at Desjardins means being part of an organization that puts people first. The jobs you found aren’t the right fit? Introduce yourself: we want to know you!

Responsibilities

As a Senior Offensive Security Advisor, you will identify, analyze, and mitigate threats to Desjardins Group’s external systems. You will design and implement offensive methods and tools while following rigorous processes to protect the organization from cyberattacks.