Senior Penetration Tester (Global Security)
Top Benefits
About the role
Job Description
What is the opportunity?
The Application Security team is undertaking multiple complex enterprise-wide initiatives to improve the security and quality of RBC applications. Reporting to the Senior Manager of Penetration Testing, you will provide application penetration testing services for the global RBC business and application development teams across all enterprise information technology groups. You will act as the subject matter expert in the execution of penetration testing, in addition to participating in the development of application security best practices, tools, processes, and landscapes. You will also provide technical input on current, interim and target state penetration testing and security processes, and communicate the needs of development teams to strategic security leadership.
What will you do?
- Participate in and lead a range of security assessment activities. Perform penetration testing against application landscapes (Web, API & mobile) and oversee application and infrastructure penetration testing assessments performed by 3rd party suppliers.
- Ensure applications & infrastructure are thoroughly security tested using industry best practices prior to promotion to production
- Educate key organizational stakeholders (e.g. developers, security consultants, executives) on application security matters and impacts on the organization
- Assist in the development, evaluation, and implementation of application & infrastructure penetration testing processes and tools
- Research and keep up to date on security emerging threats, techniques, tools, and trends
What do you need to succeed?
Must-have
- 4+ years of experience in executing application layer penetration testing exercises
- Possess strong understanding of web and mobile application architecture and development principles
- Exposure to application security best practices such as secure coding, security testing techniques
- Knowledge of OWASP, SANS or other security-related frameworks
- Familiarity with modern application layer penetration testing tooling and platforms
Nice-to-have
- OSCP, OSCE, GWAPT, GMOB, GXPN certifications an asset
- Experience in testing network systems and cloud services (e.g. AWS, Azure)
- Demonstrated knowledge of scripting languages (Python, Java, Perl, etc.), network protocols, and operating systems (Windows, Linux, Unix, macOS)
- Understanding and experience in agile methodology
What’s in it for you?
We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.
- A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable
- Leaders who support your development through coaching and managing opportunities
- Ability to make a difference and lasting impact
- Work in a dynamic, collaborative, progressive, and high-performing team
- A world-class training program in financial services
- Flexible work/life balance options
- Opportunities to do challenging work
- Opportunities to take on progressively greater accountabilities
- Opportunities to building close relationships with clients
- Access to a variety of job opportunities across business and geographies
#LI-POST
#TECHPJ
Job Skills
Application Development, Application Security, Cloud Computing, Critical Thinking, Infrastructure Penetration Testing, Mobile Penetration Testing, Network Security Architecture, Open Web Application Security Project (OWASP), Penetration Testing, Secure Coding, Security Practices, Vulnerability Remediation, Web Application Penetration Testing
Additional Job Details
Address:
410 GEORGIA ST W, FLOOR 3:VANCOUVER
City:
Vancouver
Country:
Canada
Work hours/week:
37.5
Employment Type:
Full time
Platform:
TECHNOLOGY AND OPERATIONS
Job Type:
Regular
Pay Type:
Salaried
Posted Date:
2025-05-29
Application Deadline:
2025-10-01
Note: Applications will be accepted until 11:59 PM on the day prior to the application deadline date above
I****nclusion** and Equal Opportunity Employment**
At RBC, we believe an inclusive workplace that has diverse perspectives is core to our continued growth as one of the largest and most successful banks in the world. Maintaining a workplace where our employees feel supported to perform at their best, effectively collaborate, drive innovation, and grow professionally helps to bring our Purpose to life and create value for our clients and communities. RBC strives to deliver this through policies and programs intended to foster a workplace based on respect, belonging and opportunity for all.
Join our Talent Community
Stay in-the-know about great career opportunities at RBC. Sign up and get customized info on our latest jobs, career tips and Recruitment events that matter to you.
Expand your limits and create a new future together at RBC. Find out how we use our passion and drive to enhance the well-being of our clients and communities at jobs.rbc.com.
About RBC
Royal Bank of Canada is a global financial institution with a purpose-driven, principles-led approach to delivering leading performance. Our success comes from the 94,000+ employees who leverage their imaginations and insights to bring our vision, values and strategy to life so we can help our clients thrive and communities prosper. As Canada's biggest bank and one of the largest in the world, based on market capitalization, we have a diversified business model with a focus on innovation and providing exceptional experiences to our more than 17 million clients in Canada, the U.S. and 27 other countries. Learn more at rbc.com. We are proud to support a broad range of community initiatives through donations, community investments and employee volunteer activities. See how at www.rbc.com/community-social-impact.
La Banque Royale du Canada est une institution financière mondiale définie par sa raison d'être, guidée par des principes et orientée vers l'excellence en matière de rendement. Notre succès est attribuable aux quelque 94 000+ employés qui mettent à profit leur créativité et leur savoir faire pour concrétiser notre vision, nos valeurs et notre stratégie afin que nous puissions contribuer à la prospérité de nos clients et au dynamisme des collectivités. Selon la capitalisation boursière, nous sommes la plus importante banque du Canada et l'une des plus grandes banques du monde. Nous avons adopté un modèle d'affaires diversifié axé sur l'innovation et l'offre d'expériences exceptionnelles à nos plus de 17 millions de clients au Canada, aux États Unis et dans 27 autres pays. Pour en savoir plus, visitez le site rbc.com/francais
Nous sommes fiers d'appuyer une grande diversité d'initiatives communautaires par des dons, des investissements dans la collectivité et le travail bénévole de nos employés. Pour de plus amples renseignements, visitez le site www.rbc.com/collectivite-impact-social.
Senior Penetration Tester (Global Security)
Top Benefits
About the role
Job Description
What is the opportunity?
The Application Security team is undertaking multiple complex enterprise-wide initiatives to improve the security and quality of RBC applications. Reporting to the Senior Manager of Penetration Testing, you will provide application penetration testing services for the global RBC business and application development teams across all enterprise information technology groups. You will act as the subject matter expert in the execution of penetration testing, in addition to participating in the development of application security best practices, tools, processes, and landscapes. You will also provide technical input on current, interim and target state penetration testing and security processes, and communicate the needs of development teams to strategic security leadership.
What will you do?
- Participate in and lead a range of security assessment activities. Perform penetration testing against application landscapes (Web, API & mobile) and oversee application and infrastructure penetration testing assessments performed by 3rd party suppliers.
- Ensure applications & infrastructure are thoroughly security tested using industry best practices prior to promotion to production
- Educate key organizational stakeholders (e.g. developers, security consultants, executives) on application security matters and impacts on the organization
- Assist in the development, evaluation, and implementation of application & infrastructure penetration testing processes and tools
- Research and keep up to date on security emerging threats, techniques, tools, and trends
What do you need to succeed?
Must-have
- 4+ years of experience in executing application layer penetration testing exercises
- Possess strong understanding of web and mobile application architecture and development principles
- Exposure to application security best practices such as secure coding, security testing techniques
- Knowledge of OWASP, SANS or other security-related frameworks
- Familiarity with modern application layer penetration testing tooling and platforms
Nice-to-have
- OSCP, OSCE, GWAPT, GMOB, GXPN certifications an asset
- Experience in testing network systems and cloud services (e.g. AWS, Azure)
- Demonstrated knowledge of scripting languages (Python, Java, Perl, etc.), network protocols, and operating systems (Windows, Linux, Unix, macOS)
- Understanding and experience in agile methodology
What’s in it for you?
We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.
- A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable
- Leaders who support your development through coaching and managing opportunities
- Ability to make a difference and lasting impact
- Work in a dynamic, collaborative, progressive, and high-performing team
- A world-class training program in financial services
- Flexible work/life balance options
- Opportunities to do challenging work
- Opportunities to take on progressively greater accountabilities
- Opportunities to building close relationships with clients
- Access to a variety of job opportunities across business and geographies
#LI-POST
#TECHPJ
Job Skills
Application Development, Application Security, Cloud Computing, Critical Thinking, Infrastructure Penetration Testing, Mobile Penetration Testing, Network Security Architecture, Open Web Application Security Project (OWASP), Penetration Testing, Secure Coding, Security Practices, Vulnerability Remediation, Web Application Penetration Testing
Additional Job Details
Address:
410 GEORGIA ST W, FLOOR 3:VANCOUVER
City:
Vancouver
Country:
Canada
Work hours/week:
37.5
Employment Type:
Full time
Platform:
TECHNOLOGY AND OPERATIONS
Job Type:
Regular
Pay Type:
Salaried
Posted Date:
2025-05-29
Application Deadline:
2025-10-01
Note: Applications will be accepted until 11:59 PM on the day prior to the application deadline date above
I****nclusion** and Equal Opportunity Employment**
At RBC, we believe an inclusive workplace that has diverse perspectives is core to our continued growth as one of the largest and most successful banks in the world. Maintaining a workplace where our employees feel supported to perform at their best, effectively collaborate, drive innovation, and grow professionally helps to bring our Purpose to life and create value for our clients and communities. RBC strives to deliver this through policies and programs intended to foster a workplace based on respect, belonging and opportunity for all.
Join our Talent Community
Stay in-the-know about great career opportunities at RBC. Sign up and get customized info on our latest jobs, career tips and Recruitment events that matter to you.
Expand your limits and create a new future together at RBC. Find out how we use our passion and drive to enhance the well-being of our clients and communities at jobs.rbc.com.
About RBC
Royal Bank of Canada is a global financial institution with a purpose-driven, principles-led approach to delivering leading performance. Our success comes from the 94,000+ employees who leverage their imaginations and insights to bring our vision, values and strategy to life so we can help our clients thrive and communities prosper. As Canada's biggest bank and one of the largest in the world, based on market capitalization, we have a diversified business model with a focus on innovation and providing exceptional experiences to our more than 17 million clients in Canada, the U.S. and 27 other countries. Learn more at rbc.com. We are proud to support a broad range of community initiatives through donations, community investments and employee volunteer activities. See how at www.rbc.com/community-social-impact.
La Banque Royale du Canada est une institution financière mondiale définie par sa raison d'être, guidée par des principes et orientée vers l'excellence en matière de rendement. Notre succès est attribuable aux quelque 94 000+ employés qui mettent à profit leur créativité et leur savoir faire pour concrétiser notre vision, nos valeurs et notre stratégie afin que nous puissions contribuer à la prospérité de nos clients et au dynamisme des collectivités. Selon la capitalisation boursière, nous sommes la plus importante banque du Canada et l'une des plus grandes banques du monde. Nous avons adopté un modèle d'affaires diversifié axé sur l'innovation et l'offre d'expériences exceptionnelles à nos plus de 17 millions de clients au Canada, aux États Unis et dans 27 autres pays. Pour en savoir plus, visitez le site rbc.com/francais
Nous sommes fiers d'appuyer une grande diversité d'initiatives communautaires par des dons, des investissements dans la collectivité et le travail bénévole de nos employés. Pour de plus amples renseignements, visitez le site www.rbc.com/collectivite-impact-social.