We serve candidates globally, so we only activate Google Tag Manager and other analytics after you opt in. This keeps us aligned with GDPR/UK DPA, ePrivacy, LGPD, and similar rules. Essential features still run without analytics cookies.
🤖 15+ AI Agents working for you. Find jobs, score and update resumes, cover letter, interview questions, missing keywords, and lots more.
Penetration Tester at ISA Cybersecurity - QATestingJobs.com
I
Penetration Tester
ISA Cybersecurity • Toronto, Ontario, Canada
hybrid
Salary: C$75,000 - C$90,000 / year
Posted Feb 19, 2026
Role & seniority: Mid-level Penetration Tester (2+ years in cybersecurity; offensive security focus)
Stack/tools: Pen testing and vulnerability tooling (Burp Suite, Nmap, Metasploit, Nessus); web apps, networks, systems, and cloud environments; familiarity with OWASP Top 10, CWEs, CVSS
Top 3 responsibilities
Conduct penetration tests across web applications, networks, systems, and cloud environments; perform vulnerability assessments
Document findings in clear, professional reports and lead remediation by communicating recommendations to technical and non-technical stakeholders
Stay current on threats and tools; contribute to red team exercises; collaborate with security operations, engineering, and compliance
Must-have skills
2+ years in cybersecurity with hands-on penetration testing, vulnerability assessments, and vulnerability management
Strong understanding of common vulnerabilities (OWASP Top 10, CWEs, CVSS)
Ability to produce detailed technical reports with remediation steps; strong communication
Nice-to-haves
Offensive security certifications (e.g., OSCP, CompTIA Pentest+, GIAC domains such as GCIH)
Additional experience with cloud security testing and related tooling
Location & work type: Toronto, Ontario; Hybrid work model; remote-first with some in-person needs; occasional townhalls and team events
Optional notes: Employer highlights, compensation not specified beyond range in job posting.
Full Description
About the Role
ISA is seeking a motivated Penetration Tester to join our cybersecurity team. In this role, you will play a key part in identifying and exploiting security vulnerabilities across networks, systems, and applications, applying your experience in offensive security methodologies. This is an excellent opportunity for cybersecurity professionals looking to take on more complex engagements and further develop their expertise in penetration testing.
About Us
We are proud to be recognized as a top employer for multiple years in a row, we currently hold the distinctions of Canada’s Top Small and Medium Employers 2025, Greater Toronto’s Top Employers 2025 and are Certified Great Place to Work 2025-2026.
ISA Cybersecurity is a proudly Canadian cyber and AI services and solutions provider. Trusted by over 500 clients from SMB to global enterprises, we empower organizations to safeguard their most critical assets and adopt AI securely. Through our highly customizable Cyber 360 and AI 360 offerings, we deliver a comprehensive range of governance, assurance, engineering protection, detection, and response services for the public and private sectors. Backed by over three decades of operational experience and a vast network of highly specialized and certified experts, we leverage cutting-edge technologies and AI to ensure that clients achieve their privacy, security, and business goals.
We operate in a remote-first environment. Office presence is typically less than 20% of the time, varying by role and work requirements. Our office space, located at Bloor and Islington, is a collaborative space designed for in-person meetings and drop-ins. We enjoy hosting in-person quarterly townhalls and social events throughout the year to encourage teambuilding and collaboration.
Responsibilities
Conduct penetration tests on web applications, networks, systems, and cloud environments
Perform vulnerability assessments and validate identified issues
Document technical findings in clear, concise, and professional reports
Lead remediation efforts by communicating findings and recommendations to technical and non-technical stakeholders
Stay up to date with the latest security threats, tools, and techniques
Execute and contribute to red team exercises and security testing engagements
Collaborate with team members across security operations, engineering, and compliance
Qualifications
2+ years of professional experience in cybersecurity, including areas such as Offensive Security, Vulnerability Management, Incident Handling, Security Analysis, or other related security roles
Hands-on experience with penetration testing, vulnerability assessments, and vulnerability management
Strong understanding of common vulnerabilities (OWASP Top 10, CWEs, CVSS, etc.)
Ability to write clear, detailed technical reports with remediation steps
Having one or more offensive security certifications, such as OSCP, CompTIA Pentest+, GIAC GCIH, or similar, would be considered an asset
Familiarity with tools such as Burp Suite, Nmap, Metasploit, Nessus, or equivalent
Strong communication and interpersonal skills
Why Join Us?
At ISA Cybersecurity we lead with our "Why". Our Why is to make people feel safe. This not only applies to the result of services that we provide to our clients, but how people feel when interacting with us. Whether you're an employee of ISA or a client we want you to feel safe and supported. Each one of our team members is expected to uphold this leadership quality and embrace it through consistent demonstration of our core values of Explore, Persevere, Adapt and Uplift.
We are proud to offer a variety of employee friendly programs that enable our team to perform at their best.
Highlights of our programs and policies include
Flexible sick and personal days for all employees
Generous health plan with enhanced mental health resources and programs
Professional development opportunities and education reimbursement up to $2,000 annually for all employees
Maternity and parental leave top-up
Employee referral bonus of $2,000
Competitive salaries complemented with RRSP matching and bonus programs
Distance remote working policy
LinkedIn Learning access for all team members
We also place great value on celebrating the contributions of all employees through the following service recognition programs
Service anniversary recognition and generous five-year milestone service awards
President’s Club recognizing special achievement awards: Team Member of the Year for Sales, CIOC and Cyber Services, the Rich Uhrich Founder’s Award that is nominated on by all employees and four President’s Awards (Risk Taker, Lost Without You, Money Maker and On the Rise)
Spot rewards providing opportunities for instant peer recognition
Information-sharing and team-building initiatives include
Annual kick-off meeting to communicate our strategic priorities
Quarterly town hall meetings
Regular team get togethers and client events
Scheduled employee feedback surveys and goal setting focus groups
Thank you for your interest in joining ISA Cybersecurity. Our team looks forward to reviewing your application. We will be reaching out to you directly if your experience matches our needs.
Vacancy Status: This posting is for an existing vacancy.
AI Disclosure: ISA Cybersecurity does not currently use artificial intelligence tools as part of our recruitment process.
Accessibility
ISA Cybersecurity is committed to providing accommodations for applicants with disabilities. If you require specific accommodation because of a disability or medical need, please inform ISAs Human Resources team (peopleoperations@e-isa.com) so arrangements can be made for appropriate accommodation to be in place during the recruitment process.
Location
Toronto, Ontario (Hybrid)
Department
22- Projects
Employment Type
Full-Time
Minimum Experience
Mid-level
Compensation
75,000 - 90,000
