Specialist Offensive Security – City of Toronto


Full time

City Division: Office of the CISO

Work Location: Metro Hall, 55 John Street

Job Type & Duration: Full Time, Permanent

Salary: $103,303.20 to $121,368.40

Shift Information: Monday to Friday, 40 Hours per Week

Affiliation: Non-Union

Number of Positions Open: 2

Posting Closing: October 28, 2020


The City of Toronto is looking for an experienced Full-time Offensive Security Specialist for the Office of the Chief Information Security Officer.


To provide expertise, guidance, advice, and operational support for the development, deployment, and management of Threat Management programs to ensure the City is adequately protected from cybersecurity threats and to support the execution of the Chief Information Security Officer’s (CISO) mandate, cyber vision, and strategy.

To design and implement security systems to protect the City’s computer networks from cyber attacks, and set and maintain security standards.


  • Post-secondary degree in Business or Technology or a related discipline.
  • Over 5 years of experience in penetration testing.
  • Extensive penetration testing experience with operating systems, web applications, and network infrastructure.
  • Strong experience with using Penetration Testing Tools. e.g. NMap, Nessus, Metasploit, BurpSuite, Nikto, Tcpdump.
  • Administrator-level knowledge of Server Operating Systems specifically Unix and Windows
  • Intricate technical knowledge of TCP/IP Networking/Routing, Intranet / Internet Architectures and Segregation Technologies/VLANs, Firewalls, Intrusion Detection, Intrusion Prevention, SQL Databases
  • Ability to test web technologies e.g. web applications, containers, container managers
  • Programming ability to create, read, and modify exploit code to achieve system penetration. C, C++, Java, C#, scripting knowledge is an asset.
  • Experience scaling security testing capabilities
  • Demonstrate a current and working knowledge of Information Security best-practices, methodologies, and techniques.
  • Preferred Certifications (any in the list): CISSP, CRISC, OSCP, CEH, GPEN


Find the detailed job responsibilities, qualifications, skills, and other information here.


Additional Comments/Information

A normal workweek is 40 hours, however, unforeseen situations may require extended hours of work with little or no prior notice. In case of a cyber incident or breach, rotation shift, continuous extended hours may be required with little or no prior notice.

*Subject to a police check, background check, psychological assessment, and/or any other checks on a regular basis as the Office of the CISO handles highly sensitive and confidential information.

Equity, Diversity, and Inclusion
The City is an equal opportunity employer, dedicated to creating a workplace culture of inclusiveness that reflects the diverse residents that we serve. Learn more about the City’s commitment to employment equity.

The City of Toronto is committed to creating an accessible and inclusive organization. We are committed to providing barrier-free and accessible employment practices in compliance with the Accessibility for Ontarians with Disabilities Act (AODA). Should you require Code-protected accommodation through any stage of the recruitment process, please make them known when contacted and we will work with you to meet your needs. Disability-related accommodation during the application process is available upon request. Learn more about the City’s Hiring Policies and Accommodation Process.


Resume received!