Manager, Digital Resiliency - Offensive Security

MNP View all jobs

  • Calgary, AB
  • Permanent
  • Full-time
  • 2 days ago
Description :What do you think of when you hear the name MNP? We are more than a prominent consulting firm in tax and accounting, we are redefining how organizations succeed in the digital age by bridging strategic vision, technical innovation, and operational execution to deliver transformative results.Make an impact as we look to strengthen our Digital Advisory Cyber Security team as a Manager, Digital Resiliency - Offensive Security. As a trusted advisor, you’ll enable clients to take a proactive and prepared approach to cyber crime and capitalize on new technologies and innovations to deliver business results as well as build and maintain customer trust. You will lead skilled teams to evade detection and prevention controls, exploit technical and business gaps to acquire the target’s crown jewels, aiming to identify vulnerabilities, provide practical remediation recommendations, and increase our client’s cyber security resilience.At MNP Digital, we’re a team of highly skilled and creative thinkers that continuously support and learn from each other. We pride ourselves on translating our clients’ challenges into real results by leveraging technology – and that all starts with having the right people to deliver. We’ve created an environment where you’ll continuously grow, always have a voice and collaborate on work that’s meaningful and fulfilling. If you’re ready to take your career into your own hands, you’ve come to the right place.We embrace a work from office culture - this position would be based in our Calgary Ampersand office.Responsibilities
  • Work with and lead team members to conduct reconnaissance and intelligence gathering, vulnerability scans and assessments, penetration testing of mobile, network, cloud environment, web applications, APIs, wireless networks, SCADA/ICS and Operational Technology environment scopes (a strong asset), red and purple team engagements, and social engineering
  • Support the continuous improvements and modernization of offensive security capability, framework, interaction models, operational procedures, and engagement delivery
  • Support the methodologies and processes to leverage AI in Offensive Security and testing of AI models
  • Ensure alignment with frameworks such as MITRE ATT&CK, PTES, OSSTMM, NIST 800-115
  • Oversee operational activates in relation to issues and delivery, taking action to coordinate mitigation activities and resources
  • Undertake and adapt to unique client requests and project types that cross cyber disciplines and expertise areas
  • Support a culture of continuous development of both services and our people
  • Assist in development of less experienced team members, explaining how performance expectations align with the business priorities, giving and receiving feedback effectively, creating a positive work environment, and being an effective role model
  • Communicate engagement activities and technical findings effectively with both client technical SMEs and executive staff, preparing and delivering presentation materials to each
  • Develops, maintains, and tracks quarterly and annual milestones and goals to develop and enhance the effectiveness of the Offensive Security team
  • Recommends and sets strategic goals and budget for operational and engagement activities, controls expenses in accordance with budgets
  • Provide advice, expertise, counsel to senior leaders as input to business decisions on medium to long term strategic planning
  • Provide subject matter expertise of both internal operations and industry approaches in support of bid and proposal for engagement processes
  • Support the development and use of scripts and tools by the team to execute engagement work
  • Support the development and coordinate the operation of engagement tools and hardware
  • Develop reports and materials intended for both technical and executive audiences
  • Work with both clients and vendors to troubleshoot and resolve issues
  • Notify clients of any potential problems in their environment
  • Be self-motivated
Skills and Experience
  • You can demonstrate experience of 9-11 years in cybersecurity, with at least 7+ years of offensive security, and/or threat intelligence, and preferably 5+ years leading enterprise scale engagements
  • Posses a Post-Secondary Degree or Diploma in Cybersecurity, Information Security or Technology, Computer Science or related discipline
  • Multiple cybersecurity certifications from a recognized institution (e.g. (ISC)2, ISACA, SANS) such as CISSP, OSCP, CRTP, CEH, GPEN, etc.
  • Functional knowledge of offensive technical foundations, theory, terminology (Kill Chain, TTPs, threat actors)
  • Expert knowledge of:
  • Shell scripting of tasks using Perl, Python, PowerShell, and other scripting languages
  • Tools and platforms applicable to mobile, network, web application, and wireless networks
  • Evasion techniques
  • Kill Chain, TTPs, and threat actor approaches
  • Security operations, processes, procedures, controls
  • Strong knowledge of:
  • Network protocols and covert channels
  • Source code review
  • Exploit development
  • Knowledge of security and testing of SCADA/ICS and Operational Technology is considered a strong asset
  • Understanding and applied experience with industry standards and frameworks (e.g. NIST 800-53 and CSF, ISO 27001 and 27002, CSC, PCI DSS, Interac, PIPEDA, OSFI)
  • Experience and working knowledge of multiple information and security domains (e.g. privacy, IT operations, security platform administration and integrations, incident response, threat intelligence, audit and risk)
  • Strong presentation skills and ability to communicate effectively to both technical and executive audiences
  • Strong problem-solving skills to creatively develop appropriate solutions to complex problems
  • Understanding and experience in delivery of Security services (vulnerability assessments, TRA’s, cyber maturity assessments, cloud security, penetration testing, incident response/forensics, PCI)
  • Experience with architecting, configuration and delivering technology-based controls
  • Experience in business and practice development
MY REWARDS @ MNPWith a focus on high-potential earnings, MNP is proud to offer customized rewards that support our unique culture and a balanced lifestyle to thrive at work and outside of the office. You will be rewarded with generous base pay, vacation time, 4 paid personal days, a group pension plan with 4% matching, voluntary savings products, bonus programs, flexible benefits, mental health resources, exclusive access to perks and discounts, professional development assistance, MNP University, a flexible ‘Dress For Your Day’ environment, firm sponsored social events and more.Diversity@MNPWe embrace diversity as a core value and celebrate our differences. We believe each team member contributes unique gifts and amplifying their potential makes our business stronger. We encourage people with disabilities to apply!

MNP