This position is posted by Jobgether on behalf of NetSPI. We are currently looking for a Senior Security Consultant (Secure Code Review + Web Application Penetration Testing) in Canada.

This role offers a challenging opportunity to leverage your expertise in application security by conducting secure code reviews and web application penetration tests for a diverse range of clients. You will work remotely within a collaborative and innovative environment, engaging with the latest security technologies and methodologies. As a senior consultant, you will provide technical leadership, mentor team members, and contribute to enhancing security posture by identifying and helping remediate critical vulnerabilities. Your work will directly support organizations in protecting their most important digital assets, while advancing your skills in a fast-evolving cybersecurity landscape.

Accountabilities:

• Perform in-depth penetration testing and secure code review assessments on various web applications.
• Dynamically exploit vulnerabilities in codebases and correlate insecure coding practices to application vulnerabilities.
• Deliver secure code reviews in multiple programming languages such as Java, C#, Python, C/C++, Perl, and PHP using both automated and manual analysis tools.
• Train and assist development teams on secure coding practices and vulnerability remediation.
• Provide quality assurance oversight and mentor peers on service delivery and skill development.
• Present detailed findings to clients and support remediation planning.
• Conduct research to develop new testing methods, tools, and exploit techniques.
• Maintain accurate administrative records including timekeeping and status updates.

Requirements

• 3 to 5 years of experience in application security, including secure code review and web application penetration testing.
• Expert proficiency with Burp Suite, including extension development preferred.
• Strong knowledge of OWASP Top 10 and CWE Top 25 vulnerabilities with practical experience identifying and mitigating risks in source code.
• Ability to effectively communicate technical risks and business impacts to diverse audiences.
• Bachelor’s degree or higher in Computer Science, Engineering, IT, or related field; equivalent experience considered.
• Willingness to travel up to 25%.
• Preferred: Experience providing technical and QA oversight, strong skills in at least two programming languages (Java, C#, PHP, Python, C/C++), and software development experience in server-side languages.

Benefits

• Competitive salary and comprehensive benefits package.
• Flexible remote work arrangement within Canada (Ontario preferred).
• Opportunities for professional growth and skill development.
• Collaborative, supportive, and innovative work environment.
• Exposure to cutting-edge cybersecurity tools and industry-leading practices.
• Equal opportunity employer committed to diversity and inclusion.

Jobgether is a Talent Matching Platform that partners with companies worldwide to efficiently connect top talent with the right opportunities through AI-driven job matching.
When you apply, your profile goes through our AI-powered screening process designed to identify top talent efficiently and fairly.
🔍 Our AI evaluates your CV and LinkedIn profile thoroughly, analyzing your skills, experience, and achievements.
📊 It compares your profile to the job’s core requirements and past success factors to determine your match score.
🎯 Based on this analysis, we automatically shortlist the 3 candidates with the highest match to the role.
🧠 When necessary, our human team may perform an additional manual review to ensure no strong profile is missed.
The process is transparent, skills-based, and free of bias — focusing solely on your fit for the role.
Once the shortlist is completed, we share it directly with the company that owns the job opening. The final decision and next steps (such as interviews or additional assessments) are then made by their internal hiring team.
Thank you for your interest!

#LI-CL1