Senior Security Engineer - Vulnerability Program
About the role
Job Description:
In a world where technology is constantly advancing, safeguarding data and keeping systems dependable is more important than ever. Our security team is seeking a Senior Security Consultant to take on complex security challenges, guide peers, and help strengthen our approach to managing vulnerabilities across the organization.
This position combines advisory work with hands-on involvement in areas such as security assessments, application testing, and vulnerability management. You’ll work with enterprise tools, create custom solutions, and design processes that raise security standards across a wide variety of systems and environments.
Responsibilities
· Serve as a trusted advisor to internal stakeholders, reinforcing a “customer-first” approach to security outcomes.
· Lead projects and client engagements, preparing detailed reports and presentations that translate complex technical findings into actionable recommendations.
· Design, implement, and evolve the organization’s Vulnerability Management Program, working with multiple data sources and cross-functional teams.
· Conduct penetration tests and security assessments using industry-standard methodologies (OSINT, PTES, OSSTMM).
· Build and automate security workflows for vulnerability scanning, risk prioritization, remediation tracking, and reporting to improve remediation velocity.
· Apply the MITRE ATT&CK framework to assess detection and response capabilities through assumed-breach scenarios.
· Conduct application security assessments following OWASP Web/Mobile Testing Guides to evaluate security posture and validate mitigations.
· Review and validate findings from third-party penetration tests, ensuring proper remediation.
· Contribute to the definition and documentation of Offensive Security Tactics, Techniques, and Procedures (TTPs) and support SecOps incident response playbook development.
· Integrate security testing and reporting into the SDLC to support “shift left” initiatives.
· Mentor junior team members and help raise the overall security maturity of the organization.
Qualifications:
· 7+ years of experience in IT security, with at least 5+ years specializing in vulnerability management, penetration testing, red teaming, or application security.
· Strong background in automating security processes using scripting languages such as Python, PowerShell, JavaScript, Bash, Ruby, or Perl.
· Experience working with frameworks and methodologies such as:
· MITRE ATT&CK
· OWASP ASVS / WSTG
· MASVS / MASTG
· PTES, OSSTMM
· Ability to lead complex security initiatives, solve problems collaboratively, and influence stakeholders across technical and business teams.
· Excellent communication and report-writing skills, capable of translating technical issues into clear business impact.
· Must be able to obtain (or already possess) Government of Canada Reliability Status clearance.
Preferred Certifications
· Penetration Testing: CREST CRT, OSCP, OSCE, OSEP, GPEN, eCPT, PNPT, OSWP
· Red Teaming: CRTP, CRTO (1/2), CRTE
· Application Security: BurpSuite Certified Practitioner, OSWE, GWAPT, eWPT
· Mobile Application Security: GMOB, EMAPT
· Cloud Security: CCSP, CARTP, CAWASP, PACSP
Affinity Earn:
Know someone who’s great for this, or any of our open roles? Earn up to $4,000/year for each successful referral through Affinity Earn. You can also earn up to $50,000 for helping us find new clients. Learn about our referral program at https://affinity-group.ca/earn/ or browse our jobs & follow us at https://www.linkedin.com/company/affinity-staffing/jobs/
About Affinity:
Affinity Group is a technology and business consulting and services company. We believe in creating long term relationships between clients and consultants that foster a mutually beneficial partnership. Affinity is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. All employment is decided on the basis of qualifications, merit and business need.
For more information on Affinity, please visit www.affinity-group.ca
Job Number: 12594
About Affinity
Welcome to Affinity Group — your trusted partner in business and technology consulting. As a carbon-neutral company certified by ClimatePartner and recognized by the Globe and Mail as one of Canada's fastest-growing companies, we are dedicated to delivering an unrivalled experience for our employees, consultants, and clients.
Professional Excellence Across Disciplines:
- Cyber Security Solutions: Protecting your operations with cutting-edge security measures.
- Data Analytics and Business Intelligence: Transforming data into strategic insights.
- Digital Transformation: Pioneering digital innovations to future-proof your business.
- Enterprise Applications: Streamlining business processes through advanced software solutions.
- Project Management: Delivering projects with precision and efficiency.
- Technology Strategy & Architecture: Crafting robust IT frameworks to support scalable growth.
Delivering Tailored Solutions: We provide flexible, bespoke solutions designed to meet the specific demands of your business, driving your success forward with precision and innovation.
Global Reach with Affinity International: Expand your capabilities with our international talent solutions. Discover how we bring global expertise to your local and international projects at affinity-group.ca/international-companies.
Empowering Our Consultants: We are committed to facilitating professional growth and success. Explore a wide array of job opportunities through our referral program, AffinityEARN. Find your next challenge on our jobs page at affinity-group.ca/jobs or LinkedIn.
Ready to Enhance Your Business? Contact us today to discuss how we can support your goals. Email us at Sales@affinity-group.ca for inquiries and solutions tailored to your needs.
Join the innovative and supportive environment at Affinity Group, where we transform challenges into opportunities and individual potential into achievements. Discover more about how we can collaborate on our website below!
Senior Security Engineer - Vulnerability Program
About the role
Job Description:
In a world where technology is constantly advancing, safeguarding data and keeping systems dependable is more important than ever. Our security team is seeking a Senior Security Consultant to take on complex security challenges, guide peers, and help strengthen our approach to managing vulnerabilities across the organization.
This position combines advisory work with hands-on involvement in areas such as security assessments, application testing, and vulnerability management. You’ll work with enterprise tools, create custom solutions, and design processes that raise security standards across a wide variety of systems and environments.
Responsibilities
· Serve as a trusted advisor to internal stakeholders, reinforcing a “customer-first” approach to security outcomes.
· Lead projects and client engagements, preparing detailed reports and presentations that translate complex technical findings into actionable recommendations.
· Design, implement, and evolve the organization’s Vulnerability Management Program, working with multiple data sources and cross-functional teams.
· Conduct penetration tests and security assessments using industry-standard methodologies (OSINT, PTES, OSSTMM).
· Build and automate security workflows for vulnerability scanning, risk prioritization, remediation tracking, and reporting to improve remediation velocity.
· Apply the MITRE ATT&CK framework to assess detection and response capabilities through assumed-breach scenarios.
· Conduct application security assessments following OWASP Web/Mobile Testing Guides to evaluate security posture and validate mitigations.
· Review and validate findings from third-party penetration tests, ensuring proper remediation.
· Contribute to the definition and documentation of Offensive Security Tactics, Techniques, and Procedures (TTPs) and support SecOps incident response playbook development.
· Integrate security testing and reporting into the SDLC to support “shift left” initiatives.
· Mentor junior team members and help raise the overall security maturity of the organization.
Qualifications:
· 7+ years of experience in IT security, with at least 5+ years specializing in vulnerability management, penetration testing, red teaming, or application security.
· Strong background in automating security processes using scripting languages such as Python, PowerShell, JavaScript, Bash, Ruby, or Perl.
· Experience working with frameworks and methodologies such as:
· MITRE ATT&CK
· OWASP ASVS / WSTG
· MASVS / MASTG
· PTES, OSSTMM
· Ability to lead complex security initiatives, solve problems collaboratively, and influence stakeholders across technical and business teams.
· Excellent communication and report-writing skills, capable of translating technical issues into clear business impact.
· Must be able to obtain (or already possess) Government of Canada Reliability Status clearance.
Preferred Certifications
· Penetration Testing: CREST CRT, OSCP, OSCE, OSEP, GPEN, eCPT, PNPT, OSWP
· Red Teaming: CRTP, CRTO (1/2), CRTE
· Application Security: BurpSuite Certified Practitioner, OSWE, GWAPT, eWPT
· Mobile Application Security: GMOB, EMAPT
· Cloud Security: CCSP, CARTP, CAWASP, PACSP
Affinity Earn:
Know someone who’s great for this, or any of our open roles? Earn up to $4,000/year for each successful referral through Affinity Earn. You can also earn up to $50,000 for helping us find new clients. Learn about our referral program at https://affinity-group.ca/earn/ or browse our jobs & follow us at https://www.linkedin.com/company/affinity-staffing/jobs/
About Affinity:
Affinity Group is a technology and business consulting and services company. We believe in creating long term relationships between clients and consultants that foster a mutually beneficial partnership. Affinity is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. All employment is decided on the basis of qualifications, merit and business need.
For more information on Affinity, please visit www.affinity-group.ca
Job Number: 12594
About Affinity
Welcome to Affinity Group — your trusted partner in business and technology consulting. As a carbon-neutral company certified by ClimatePartner and recognized by the Globe and Mail as one of Canada's fastest-growing companies, we are dedicated to delivering an unrivalled experience for our employees, consultants, and clients.
Professional Excellence Across Disciplines:
- Cyber Security Solutions: Protecting your operations with cutting-edge security measures.
- Data Analytics and Business Intelligence: Transforming data into strategic insights.
- Digital Transformation: Pioneering digital innovations to future-proof your business.
- Enterprise Applications: Streamlining business processes through advanced software solutions.
- Project Management: Delivering projects with precision and efficiency.
- Technology Strategy & Architecture: Crafting robust IT frameworks to support scalable growth.
Delivering Tailored Solutions: We provide flexible, bespoke solutions designed to meet the specific demands of your business, driving your success forward with precision and innovation.
Global Reach with Affinity International: Expand your capabilities with our international talent solutions. Discover how we bring global expertise to your local and international projects at affinity-group.ca/international-companies.
Empowering Our Consultants: We are committed to facilitating professional growth and success. Explore a wide array of job opportunities through our referral program, AffinityEARN. Find your next challenge on our jobs page at affinity-group.ca/jobs or LinkedIn.
Ready to Enhance Your Business? Contact us today to discuss how we can support your goals. Email us at Sales@affinity-group.ca for inquiries and solutions tailored to your needs.
Join the innovative and supportive environment at Affinity Group, where we transform challenges into opportunities and individual potential into achievements. Discover more about how we can collaborate on our website below!