Here’s a little song we wrote about you: You have a strong technical background. You are a highly passionate Ethical Hacker that is up to date on the latest threats and keen on working in a challenging and innovative environment.
Now we get to brag about us: Lightspeed powers small and medium-sized businesses in over 100 countries around the world with its cloud-based commerce platform. Its smart, scalable, and dependable all-in-one Point of Sale software system helps restaurants and retailers sell across channels, manage operations, engage with consumers, accept payments, and grow their business. Founded in 2005 with offices in Canada, USA, Europe and Australia, Lightspeed recently completed its initial public offering on the Toronto Stock Exchange (TSX: LSPD). We're passionate about enabling people to do their best work. Come work with us and find out what you can do.
- Perform vulnerability analysis, risk assessments, and penetration testing on applications and cloud infrastructure.
- Analyze the designs and implementations from a security perspective and work with other teams in diminishing the security vulnerabilities.
- Act as a security advisor on different projects
- Keep current on security risks and trends and maintain the technologies/tools/techniques in network security.
- Drive our secure SDLC program with product development teams ensuring secure coding practices, SAST, DAST, and pentesting activity occurs on a regular basis
- Bachelor degree in a related field or relevant experience
- A Minimum 3 years of experience
- Knowledge of offensive security tools, techniques and procedures, including, but not limited to: Open-source intelligence harvesting, analysis, and operationalization, designing, building, and maintaining command & control infrastructure; exploitation of various operating systems and applications
- Knowledge of defensive security tools, techniques and procedures such as vulnerability scanning, IPS/IDS, WAF, etc.
- Knowledge of encryption concepts and cryptographic key management
- Knowledge of cloud infrastructure services such as AWS, GCP
- Background of penetration testing and performing vulnerability assessments.
- Understanding of programming languages patterns and software architecture
- Knowledge of security testing standards and practices (OWASP is a must).
- Understanding of design and implementation of database, web server, and applications.
- Experience with Agile development
- Experience with Kubernetes and docker environments
- Experience with bug bounty programs
- Knowledge of PCI DSS, ISO 27001, OWASP
- Experience with OS X and iOS development
- Experience in the data, payment or financial industry
- Experience in the retail and eCommerce industry
- Recognized security certifications (CEH, OSCP, CISSP, etc.)
- Bilingual (French and English)
What's in it for you?
In addition to the perks you see on the Careers page, you’ll get access to:
- A beautifully renovated office space in a castle; one of the best development centres in Montreal;
- An environment that encourages initiatives and leadership;
- Happy hour every Friday afternoon;
- Birthday treats every month to celebrate our employees;
- Social events throughout the year;
- Fun activities with your teammates - be part of the Lightspeed family;
- Work with highly talented people who are as passionate about their craft as you are!