🤖 15+ AI Agents working for you. Find jobs, score and update resumes, cover letter, interview questions, missing keywords, and lots more.
Cookies & analytics consent
We serve candidates globally, so we only activate Google Tag Manager and other analytics after you opt in. This keeps us aligned with GDPR/UK DPA, ePrivacy, LGPD, and similar rules. Essential features still run without analytics cookies.
Read how we use data in our Privacy Policy and Terms of Service.
🤖 15+ AI Agents working for you. Find jobs, score and update resumes, cover letter, interview questions, missing keywords, and lots more.
IBM • Calgary, Alberta, Canada
Role & seniority: Global Application Security Consultant, senior-level (X-Force Red Offensive Security)
Stack/tools: Web, mobile, and thick-client application testing; programming in Java, .Net, Python, or Ruby; strong networking/firewalls/security techs; potential use of Burp Suite; familiarity with GenAI/Large Language Model contexts a plus
Perform penetration tests on client applications (web, mobile, thick-client) and identify/exploit vulnerabilities
Support sales efforts and serve as the primary technical contact for projects with other consultants
Lead/coordinate security testing activities across teams; contribute research, tooling, and consulting outputs
5+ years in penetration testing, consulting, and system/network administration or programming
Experience testing web apps plus at least one of internal networks, mobile, thick-client, embedded, or hardware
Programming experience in Java, .Net, Python, or Ruby
Strong networking, firewall, protocol, routing, and security knowledge
Effective communication, presentation, and client-facing leadership abilities
Experience testing GenAI applications and SaaS platforms (e.g., SAP, Salesforce, Oracle)
Certifications (Burp Suite Practitioner, OSCP, etc.)
Experience in reverse engineering; published research or conference talks
Ability to drive pursuits and complex deals; capability to guide diverse teams
Loc
Introduction
A career in IBM Consulting is built on long-term client relationships and close collaboration worldwide. You’ll work with leading companies across industries, helping them shape their hybrid cloud and AI journeys. With support from our strategic partners, robust IBM technology, and Red Hat, you’ll have the tools to drive meaningful change and accelerate client impact. At IBM Consulting, curiosity fuels success. You’ll be encouraged to challenge the norm, explore new ideas, and create innovative solutions that deliver real results. Our culture of growth and empathy focuses on your long-term career development while valuing your unique skills and experiences.
Your Role And Responsibilities
Passionate about breaking into applications, networks, systems, databases, devices and other technologies to uncover security vulnerabilities and help fix them? Are you interested in joining a team of like-minded passionate experts, many of whom have decades of experience breaking into anything and everything to help organizations strengthen their security? If so, X-Force Red, IBM Security’s team of veteran hackers, is looking for a Global Application Security Consultant, and you may be the perfect fit.
The Global Security Consultant will be part of the X-Force Red Offensive Security team. The consultant’s primary duty is to perform penetration tests against clients’ applications including web, mobile and thick-client.
Engagements typically range from two to four weeks. Secondary duties include assisting in the sales process with potential or existing clients, and acting as a client’s primary technical contact for projects delivered by other consultants. X-Force Red consultants provide subject matter expertise in the form of research, tooling, and consulting engagements.
You should have in-depth of knowledge and experience in testing modern enterprise applications across a variety of frameworks and platforms. Identifying vulnerabilities in these applications and exploiting them to gain access to sensitive data or systems.
The consultant must be able to rapidly learn new technologies and processes with minimal assistance. There is a potential for 25% travel, including international travel. Travel depends on project requirements.
Current active clearance level or ability to obtain one is beneficial.
Preferred Education
None
Required Technical And Professional Expertise
5+ years of penetration testing experience 5+ years of consulting experience 5+ years of system administration, network administration, or programming experience Ability to perform penetration tests against web applications plus at least one of the following: internal networks, wireless networks, mobile applications, thick-client applications, embedded applications, hardware.
Programming experience in one or more of the following: Java, .Net, Python, or Ruby Strong understanding of networks, firewalls, protocols, routing, and security technologies History of presenting at regional or major security conferences History of published research, blog posts, or other publications Experience coordinating security testing projects with multiple consultants
Consulting Qualifications
Effective communication and presentation skills The ability to lead large groups and be a primary facilitator Demonstrated written skills Drive to do research, publications, blogs, presentations, etc. Comfortable working in a project based / client serving model Ability to lead and shape client expectations Help drive pursuits and engage in complex deals, matching outcomes to expectations Ability to work easily with diverse and dynamic teams Ability to self-start, and work independently on projects
Preferred Technical And Professional Experience
Experience testing GenAI applications and LLM models Experience with testing SaaS platforms and applications - SAP, Salesforce, Oracle Burp Suite Certified Practitioner, OSCP, or other technical certifications Experience in reverse engineering software or hardware