Skills

Penetration Testing Risk Management Vulnerability Assessment Cloud Security Security Testing Architecture Application Architecture Operating Systems

Job Specifications

Position title: RFR-0719 - Penetrating Testing Analyst

Client: Government of Saskatchewan (Information Technology Division (ITD)

Contract Duration: 2 years with possibility of extension

Working Status: On-Site

Location: GOS office located in Regina, Saskatchewan

Start Date: 18th March 2026

Mandatory Qualification/Requirement

· M1 - Demonstrated experience working as a Penetration Tester.

· M2 - Candidate must be able to work 100% onsite at a Government of Saskatchewan office in Regina, Saskatchewan, Canada upon contract start date.

Rated Qualification/Requirement

· R1 - Local Knowledge

· R2 - Demonstrated experience with cybersecurity standards including the Open Web Application Security Project (OWASP) Application Security Testing Standard.

· R3 - Demonstrated experience with cloud security and cloud-based application architecture and different deployment models.

· R4 -Demonstrated experience with penetration testing tools.

· R5 - Demonstrated experience identifying and exploiting vulnerabilities.

· R6 - Demonstrated experience with common attack vectors and techniques, and how to defend against them.

· R7 - Demonstrated experience in regulatory compliance standards and ensuring compliance during penetration testing.

· R8 - Demonstrated experience in static and dynamic application security testing using automated tools and manual techniques.

· R9 - Demonstrated experience with white box testing and black box testing.

· R10 - Demonstrated experience with the ISO 27002:2022, or equivalent, code of practice for information security controls.

· R11 - Demonstrated experience writing and presenting detailed assessment reports.

· R12 - Valid certifications such as Certified Ethical Hacker (CEH) or Certified Information Systems Security Professional (CISSP) are considered significant assets. Related cybersecurity certifications will be considered.

Position Overview

This Request for Resource (RFR) is an invitation by the Government of Saskatchewan (GOS) to prospective Proponents to provide Submissions for the provision of one (1) or more Penetration Testing Analyst(s), as further described in the RFR Particulars (Appendix A) (the Deliverables).

The Information Technology Division (ITD) of the Ministry of SaskBuilds and Procurement (SBP) is looking for one (1) or more Penetration Testing Analyst(s) to join the Cyber Security and Risk Management Branch (CSRM). The CSRM is responsible for managing all things related to IT security including, though not necessarily limited to:

· Provide interpretation and enforcement of the information security policy and standards;

· Providing information security, education and awareness;

· Responding to information security Incidents;

· Performing Threat Risk Assessments (TRAs) for IT-related business initiatives throughout Government;

· Providing security assessment and overall security requirements and oversight for IT-related Solution and Services Procurements;

· Providing information security advice and guidance for business areas; and,

· Evaluating new threats and vulnerabilities.

THE DELIVERABLES

The ideal candidate will possess a strong foundation in cybersecurity principles, with demonstrated expertise in penetration testing methodologies, vulnerability assessment, and exploit development. The candidate will have hands-on experience with industry-standard tools coupled with a deep understanding of network protocols, operating systems, and secure coding practices.

The successful candidate(s) will be responsible for, but not limited to, the following duties:

· Conduct internal and external (remote from GOS offices) security testing on networks and applications;

· Assessing physical security, if applicable;

· Conducting security audits, if assigned;

· Analyzing security policies and standards;

· Performing transfer of knowledge with other members of the CSRM Branch; and,

· Writing security assessment reports.

About the Company

Amyantek is a Premier IT recruiting company with a focus on the Canadian Market. Our goal is to provide the highest quality of service to both our clients and our professional candidates No matter what the requirement, Amyantek is committed to exceeding our clients needs with the best quality of candidates who are pre- qualified with integrity and honesty at a cost effective solution. We are continuously looking for new ways to provide candidates who fit the complete requirements requested by our clients. Our services w... Know more