Skip to Main Content

Job Title

Penetration Testing Analyst

Company : Veracity Software Inc

Location : Regina, Division No. 6

Created : 2026-01-19

Job Type : Full Time

Job Description

Position Title: Penetration Testing Analyst Contract Duration: Initial Term: 2 Years + Optional Extension: Up to 1 Year Work Location: 100% Onsite Regina, Saskatchewan (No Remote / No Hybrid) Client is seeking qualified Penetration Testing Analyst resources to support cybersecurity programs through security assessments, vulnerability testing, penetration testing, and IT security risk management across government systems, applications, and network environments. This role requires real professional penetration testing experience (training/academic experience will not be considered) and the ability to work 100% onsite in Regina. Key Responsibilities Conducting penetration testing on government applications, systems, and networks Identifying, validating, and safely exploiting security vulnerabilities Performing static application security testing (SAST) and dynamic application security testing (DAST) Executing manual testing and automated scanning as per approved methods Performing white-box testing and black-box testing Conducting cloud security testing, including cloud-based application architecture and deployment models Evaluating vulnerabilities and mapping them to risk impacts Creating and delivering detailed penetration test / assessment reports Presenting findings to technical teams and stakeholders with remediation recommendations Supporting broader government cybersecurity and security governance initiatives Standards & Frameworks OWASP (especially OWASP Application Security Testing Standard) ISO 27002:2022 (or equivalent information security controls) Regulatory compliance standards and ensuring compliance during penetration testing Required Qualifications Mandatory Demonstrated professional experience as a Penetration Tester / Penetration Testing Analyst Must be real job experience Academic projects / training / lab-only experience does NOT qualify Strong experience identifying, exploiting, and documenting vulnerabilities across: Web applications Infrastructure and networks Cloud environments Demonstrated ability to write and present detailed security assessment reports Deep understanding of: Common attack vectors and techniques Defense approaches / mitigation strategies Nice to Have (Assets) Valid cybersecurity certifications such as: CEH (Certified Ethical Hacker) CISSP (Certified Information Systems Security Professional) Other relevant cybersecurity certifications Technical Skills Required Burp Suite Nessus / Tenable Nmap Metasploit OWASP ZAP SQLmap Kali Linux Wireshark Hydra / password testing tools Cloud security tools (AWS / Azure / GCP security tooling where applicable) Local Knowledge Requirement Government / public sector entities / large enterprise environments #J-18808-Ljbffr