Offensive Security Engineer
- Pay Rate: $63.97/hour, depending on experience
- Contract Length: 8 Months
- Location: Open to Remote Candidates (preference for Alberta-based candidates, but open to anywhere in Canada)
Raise is currently hiring an Offensive Security Engineer on behalf of our client. They’re expanding their team to meet growing needs, making this a unique opportunity to work with an industry leader. Our Client is a market-leading financial institution
Note: The primary pay rate is based on T4 classification; however, we will also consider applications from candidates interested in an INC classification, where applicable.
Description
The Offensive Security Engineer is responsible for proactively identifying, exploiting, and documenting security vulnerabilities across the organizations enterprise applications, infrastructure, and security controls. This role blends hands-on penetration testing, targeted red team activities, threat hunting, and tabletop exercise (TTX) design, with a strong emphasis on technical rigor, documentation quality, and collaboration with Threat Intelligence and defensive teams.
This is not a purely “tool-driven” role — candidates must demonstrate strong logical analysis, attack-path thinking, and the ability to translate threat intelligence into meaningful offensive validation. Responsible for proactively identifying, exploiting, and documenting security vulnerabilities across the organization's enterprise applications, infrastructure, and physical security controls
Key Responsibilities
- Offensive Security & Penetration Testing
- Perform hands-on penetration testing across enterprise applications, infrastructure, and networks following established internal standards and SOPs.
- Utilize industry-standard tools such as Burp Suite, Postman, Kali Linux, and related attack frameworks to identify and exploit vulnerabilities.
- Identify and document vulnerabilities using appropriate CWE classifications, CVSS scoring, and OWASP Top 10 mappings.
- Execute structured, project-based test-and-report engagements, delivering actionable findings aligned to ATB’s security standards.
- Red Team & Adversary Simulation
- Support increasing red team validation activities, including the planning and execution of targeted technical “injections” and simulated attack steps.
- Contribute to tabletop exercise (TTX) design by reviewing technical documentation and playbooks and developing realistic attack scenarios (facilitation not required).
- Validate defensive controls through punctual red team activities rather than long-running adversary campaigns.
- Threat Hunting & Intelligence Integration
- Execute threat hunts designed in collaboration with the Threat Intelligence team to proactively identify adversary activity.
- Apply internal threat intelligence, TTPs, and MITRE ATT&CK concepts to offensive testing and hunting activities.
- Administer and manage Canary tokens/devices to detect unauthorized access or lateral movement.
- Reporting & Documentation
- Own the full lifecycle of security assessments, including:
- Scoping and planning based on technical documentation and demo meetings
- Test execution aligned to the approved scope
- Delivery of findings to both technical teams and senior leadership
- Produce high-quality technical reports, including executive summaries and remediation guidance.
- Participate in peer reviews of penetration testing reports to ensure consistency and quality.
Required Qualifications
- 5+ years of experience in offensive security, penetration testing, or red team–aligned roles.
- Strong hands-on experience with penetration testing methodologies across applications, infrastructure, and networks.
- Deep familiarity with Burp Suite and modern attack tooling/frameworks.
- Solid understanding of vulnerability classification frameworks (CWE), CVSS scoring, and OWASP Top 10.
- Experience producing clear, well-structured security documentation for both technical and non-technical audiences.
- Strong analytical thinking, problem-solving ability, and attention to detail.
- Excellent written and verbal communication skills.
- Nice-to-Have Skills & Experience
- Prior experience working closely with Threat Intelligence teams or using threat intelligence tooling.
- Exposure to MITRE ATT&CK, adversary TTPs, and threat hunting methodologies.
- Experience with Canary tokens/devices or deception technologies.
- Experience designing or contributing to tabletop security exercises.
- Financial services or regulated enterprise environment experience.
Team & Work Environment
- Team Size: Small, highly specialized team (1–5 members)
- Communication Level: High — frequent collaboration with security stakeholders and leadership
- Weekly Hours: 36.25
- Onsite Requirement: Remote; occasional onsite attendance for team meetings only
Additional Information
- A requirement for candidates to be considered for this role will be to complete a criminal and credit check (including Canadian Credit Risk Score)
Looking for meaningful work? We can help!
Raise is an established hiring firm with over 65 years of experience. We believe strongly in making the world a better place through work, which is why we’re a certified B Corporation and donate 10% of our profits to charity.
We strive to build teams that reflect the diversity of the communities we work in. We encourage all qualified applicants to apply, including people from traditionally underrepresented groups such as women, visible minorities, Indigenous peoples, people identifying as LGBTQ2SI, veterans, and people with visible/nonvisible disabilities. We have a dedicated webpage for accommodations where you can learn more about what we offer and request accommodation: https://raise.jobs/accommodations/
In order to submit candidates for roles, our clients will sometimes require personal information to confirm the identity of applicants and their legal status to work. Raise will never ask you for personal or banking information unless you have been selected for a job. If you are ever unsure about the legitimacy of this or any other Raise job posting (or have any other questions), please contact us at +1 800-567-9675 or hello@raiserecruiting.com.
#WES
#LI-SC1