At Desjardins, we believe in equity, diversity and inclusion. We're committed to welcoming, respecting and valuing people for who they are as individuals, learning from their differences, embracing their uniqueness, and providing a positive workplace for all. At Desjardins, we have zero tolerance for discrimination of any kind. We believe our teams should reflect the diversity of the members, clients and communities we serve.
If there's something we can do to help make the recruitment process or the job you're applying for more accessible, let us know. We can provide accommodations at any stage in the recruitment process. Just ask!
Job Level
NV-11Do technical challenges keep you awake at night? Do you want to constantly learn, analyze, understand things and leverage your experience, knowledge and expertise?Our Red Team needs an operator to perform adversary simulation and threat monitoring activities at Desjardins. In this role, you work with high caliber cyber defence and insider threat teams during activities requiring you to use modern and sophisticated offensive tools, in-house tradecraft and TTPs that you develop to effectively do your job.
As an Offensive Security Advisor, you help protect IT hardware, software and data against modification, destruction, and accidental or unauthorized disclosure. You also assist in authentication and access control by designing, administering and controlling proven security systems. You analyze IT system vulnerabilities and implement protective measures to back up, restore and secure systems.
You lead practitioners on development projects and innovative, complex strategic initiatives, including the development of IT security standards and policies. Your initiatives require extensive, in-depth knowledge of your line of work.
You make recommendations on the development and execution of projects and initiatives with a high degree of operational and conceptual complexity. You use your analytical skills and comprehensive, detailed knowledge of your line of business and the organization. Coordination is critical. You interact with many stakeholders working in a wide range of fields. Interpersonal savvy is therefore essential.
You serve as a specialist advisor and subject matter expert, as well as a resource person and coach for decision-making bodies.
We're looking for a team player who can manage a project and stay organized.
General Information on the Position
Main responsibilities
Lead large-scale development projects, initiatives and activities in your specialty area that have a significant impact on the entire organization
Advise your clients and partners to help them position, plan, develop, select solutions for, execute and monitor strategic projects and initiatives under your responsibility
Develop and update policies, standards, models and programs to support your unit's strategic projects and initiatives
Identify and analyze major issues. Diagnose issues and make recommendations to decision-making bodies
Represent your unit before decision-making bodies
Represent Desjardins when making agreements with external partners and organizations
Design, develop and implement various attack chains for different levels of sophistication
Perform the research and development required to maintain and contribute to the team's tradecraft
Collaborate with the Desjardins cyber defence and insider threat teams to improve prevention, detection and response capabilities
Document and communicate detailed observations and recommendations, using plain, simple language.
Other working conditions
Workplace: Position located in Montreal, Lévis, Sherbrooke, Shawinigan, Drummondville, Saint-Lambert, Gatineau or Chicoutimi, depending on the applicant selected. The work arrangement for the position is hybrid work
Number of jobs available: 1
Qualifications
Bachelor's degree in a related field
A minimum of 8 years of relevant experience
Experience in Offensive Security as a Red Team operator and/or with stealth pentesting
Experience developing creative stealth tools and automating tasks in various programming languages
Experience operating with C2
Please note that other combinations of qualifications and relevant experience may be considered
For vacant positions available in Quebec, please note that knowledge of French is required
Specific knowledge
Proficiency in application security and infrastructure operations
Knowledge of modern evasive techniques (e.g., antivirus, EDR, NDR)
General knowledge of defence mechanisms and business controls
Familiarity with the MITRE ATT&CK framework
Proficiency in advanced French
Why Desjardins's Red Team?
Possibility of flexible work location
Quarterly department meetings and in-person team activities (BBQ!)
Attack simulation against formidable cyber defence teams
Work-life balance a core value
A team of 30 hackers backed by strong technical managers
Flexible training budget
Desjardins invests in training its Offensive Security team by offering access to internationally-renowned conferences and training programs.
As an example, here's the training list for our team over the last 12 months:
Adversary Simulation and Red Team Tactics by MDSec
Adversary Tactics: Red Team Operations by SpecterOps
Adversary Tactics: Tradecraft Analysis by SpecterOps
Adversary Tactics: Vulnerability Research for Operators by SpecterOps
An Analytical Approach to Modern Binary Deobfuscation by Arnau Gàmez i Montolio
Dark Side Ops 1: Malware Dev by NetSPI
Dark Side Ops 2: Adversary Simulation by NetSPI
Initial Access Operation by FortyNorth Security
Malware On Steroids by Dark Vortex
Modern Malware OPSEC & Anti-Reverse Techniques Implementation and Reversing by Dr. Silvio La Porta and Dr. Antonio Villani
Offensive Cloud Security by NCC Group
OSCP, OSCE, OSEP, OSED, OSWP by Offensive Security
Red Team Operator: Windows Evasion by Sektor7
Unplugged: Modern Wi-Fi Hacking by SensePost
Windows Internals by Paval Yosifovich
Windows Kernel Exploitation by Ashfaq Ansari
Desjardins Cross-sector skills
Action oriented, Customer Focus, Differences, Nimble learningKey competencies for the job
Interpersonal Savvy, Strategic mindsetWork Location
1, Complexe Desjardins, MontréalTrade Union
Non SyndiquéUnposting Date
2024-02-12Job Family
Information technology (FG)Desjardins Group is the largest cooperative financial group in Canada, and one of the largest employers in the country. It offers a full range of financial products and services and is home to a wealth of expertise in property and casualty insurance, life and health insurance, wealth management, services for businesses of all sizes, securities brokerage, asset management, venture capital, and secure, leading-edge virtual access methods.