Senior Professional, Offensive Cyber Operations

Vancouver (VHO)

Teck Resources

Teck is Canada's largest diversified mining company and is committed to responsible development. It has major business units focused on copper, metallurgical coal, zinc, gold and energy. Shares are listed on the TSX under the symbols TECK.A and...

View company page

Reporting to the Manager, Cyber Operations, this team leader empowers their Offensive Operations analysts to conduct security assessments. This role will be responsible for probing and exploiting security vulnerabilities in web-based applications, networks and systems and finding ways to ensure that any risk to our IT and OT environments are mitigated.

The successful candidate will have strong critical thinking and analytical skills, hands-on experience in application and infrastructure penetration testing beyond automated tools, comprehensive knowledge of Linux, Windows, and network security, excellent English communication skills, a track record of meeting deadlines and delivering high-quality reports, meticulous attention to detail, and the ability to thrive and lead in a collaborative team environment. 


  • Be a courageous safety leader, adhere to and sponsor safety and environmental rules and procedures
  • Conduct security assessments that can be multi-faceted for both IT and OT environments
  • Define the scope for security testing assignments
  • Create interactive quality assurance security test reports and other documentation as needed
  • Build trusting relationships with clients to develop appropriate remediation plans
  • Provide exceptional service in a professional, courteous and timely manner
  • Provide thought leadership, direction and advice for the Information Security practice on malware, attack vectors and methods to protect against threats
  • Collaborate with colleagues in other service lines in support of needs for Information Security services
  • Stay informed on current tools, technologies and vulnerabilities to incorporate into testing practices


  • Degree in Computer Science, Information Systems, Engineering or related major from an accredited University or equivalent
  • At least three (3) years experience working on vulnerability assessments and penetration tests
  • Outstanding critical thinking and analytical skills
  • Application and infrastructure penetration testing experience that transcends running automated tools
  • A comprehensive understanding of Linux, Windows and network security skills
  • Excellent written and verbal communication in English
  • Ability to meet deadlines and deliver a high-quality product (reports)
  • Thorough and accurate attention to detail
  • Ability to work independently and perform as a leader in a collaborative group setting

  • Familiar with (if not qualified in) test suites such as:
  • Nessus
  • MetaSploit
  • Burp Suite
  • Kali
  • NMap
  • Fortify
  • Acunetix

  • One or more of the following certifications are desired:
  • EC-Council Certified Ethical Hacker (CEH)
  • EC-Council Licensed Penetration Tester (LPT)
  • GIAC Certified Penetration Tester (CPEN)
  • IACRB Certified Penetration Tester (CPT)
  • Offensive Security Certified Professional (OSCP)
  • CREST Registered Tester (CRT)
  • CREST Infrastructure Certification
  • CESG CHECK Team Leader
  • CESG CHECK Team Member
  • Tiger Scheme Senior Security Tester
  • Tiger Scheme Qualified Security Tester
  • Any other recognized penetration testing certification/accreditation

Nice to Haves

  • ISO27001 Lead Auditor
  • CISSP, CISA, CISM Certifications
  • CREST recognized penetration testing certification/accreditation (CREST Certified Tester (CCT) or CHECK Team Leader (CTL)
  • Experience developing custom scripts or tools used for vulnerability scanning and identification
  • Familiarity with threat modelling and security design review methodologies
  • Support team technical progress (e.g. through service development or research) and contribute to company technical processes overall
  • Development and/or source code review experience in C/C++, C#, VB.NET, ASP, PHP, or Java and/or Fortify, Veracode, Brakeman and/or IDA Pro
  • Proficiency with physical security testing, phishing and social engineering techniques
  • Experience with mobile applications such as Android DeBug Bridge (ADS), OWASP ZAP, Drozer, Mobile Security Framework (MobSF), Smartphone Pentest Framework (SPF), Burp Suite, Android SDK, Friday, Cydia and/or IDB
About Teck
At Teck, we value diversity. Our teams work collaboratively and respect each person’s unique perspective and contribution.

Qualified applicants interested in joining dynamic team are encouraged to submit a resume and cover letter electronically.

We wish to thank all applicants for their interest and effort in applying for the position; however, only candidates selected for interviews will be contacted.

Teck is a diversified resource company committed to responsible mining and mineral development with major business units focused on copper, steelmaking coal and zinc, as well as investments in energy assets.
Teck has been named one of Canada’s Top 100 Employers for the six consecutive years. Teck has also been named to the Forbes list of the World’s Best Employers for the past two years and is one of Canada's Top Employers for Young People.
Headquartered in Vancouver, Canada, its shares are listed on the Toronto Stock Exchange under the symbols TECK.A and TECK.B and the New York Stock Exchange under the symbol TECK.

Learn more about Teck at or follow @TeckResources
Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our salary survey 💰

Tags: Android Burp Suite C CEH CESG CHECK CISA CISM CISSP Computer Science CREST GIAC ISO 27001 Java Kali Linux Malware Metasploit Mobile security Nessus Network security Nmap Offensive security OSCP OWASP Pentesting PHP Security assessment Veracode Vulnerabilities Windows

Perks/benefits: Startup environment

Region: North America
Countries: Canada United States
Job stats:  4  1  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.