Description

This is a hybrid position (2 – 3x a week in the office) in Downtown Toronto.

Are you excited by the opportunity to grow an Offensive Security team?

This role is ideal for a seasoned cybersecurity professional with a passion for offensive security, application testing, and threat management—especially in modern environments involving low code/no code platforms and AI/ML pipelines.

You will play a pivotal role in proactively identifying vulnerabilities, simulating adversarial threats, and strengthening this company’s security posture across cloud, application, and AI/ML domains. If you have experience building offensive security teams, leading penetration testing, managing incident response, and securing AI/ML workflows, this role is for you!

What you will do and how you will make an impact …

  • Conduct penetration testing on low code/no code platforms, identifying misconfigurations and privilege escalation risks.

  • Design and execute penetration tests targeting AI/ML pipelines, models, and data flows.

  • Assess CI/CD integrations and MLOps environments for security gaps.

  • Evaluate web and mobile applications for vulnerabilities such as insecure APIs and injection flaws.

  • Perform threat modeling and code analysis to identify and remediate vulnerabilities.

  • Monitor and respond to threats using SIEM tools (e.g., Splunk, Azure Sentinel).

  • Develop use cases tailored to emerging threats, including AI/ML-specific attack vectors.

  • Use tools like Burp Suite, OWASP ZAP, Checkmarx, Veracode, and Snyk for vulnerability assessments.

  • Conduct offensive API testing and simulate real-world attack scenarios.

Qualifications …

  • 10+ years of hands-on experience in offensive cybersecurity (pen testing, red teaming, adversary simulation).

  • Deep understanding of cloud security (AWS, Azure) and modern security frameworks (NIST, ISO 27001, MITRE ATT&CK).

  • Strong background in application security, incident response, and threat management.

  • Experience with low code/no code platforms and AI/ML pipeline testing is highly preferred.

  • Offensive security certifications such as OSCP / OSCE / OSEP / GPEN / GWAPT are a plus.

Does this sound like it was written for you? Excellent! Please apply and let’s explore this together.

The interview process …

If you’re interested in pursuing this role, please apply to this posting. If you are selected for the next stage, I will contact you for an initial discussion. This will be a chance for us to discuss the job requirements in greater detail, as well as your career goals and preferences for your next position. We can also discuss other opportunities which may fit what you’re looking for.

Please feel free to reach out and find me on LinkedIn by searching my name: Tanvi Krishna.

Compensation & benefits …

This is a full-time and permanent position that includes a competitive base salary, pension program, wellness program, extended health and dental benefits, and paid vacation.