Web Application Penetration Tester

Apply now »

Date: Jun 30, 2026

Location: Winnipeg, MB (Hybrid), CA Moncton, NB (Hybrid), CA Hybrid - Canada, CA Montreal, QC (Hybrid), CA Ottawa, ON (Hybrid), CA Kitchener, ON (Hybrid), CA Vancouver, BC (Hybrid), CA North York - Toronto, ON (Hybr, CA Calgary, AB (Hybrid), CA Dartmouth, NS (Hybrid), CA Edmonton, AB (Hybrid), CA

Company: Wawanesa Insurance

 

Job ID: 10164 


Employment Type: Existing Role 

 

Work Environment: We offer a hybrid work environment that offers flexibility to our employees in balancing in-office (2 days per week OR 15 hours per week in a Wawanesa office) and remote work. You may work from any of the following locations: Winnipeg, MB; Wawanesa, MB; Vancouver, BC; Calgary, AB; Edmonton, AB; Lethbridge, AB; Toronto (North York), ON; Kitchener, ON; Ottawa, ON; Montreal, QC; Quebec City, QC, Moncton, NB; Dartmouth; NS. 

 

Working Business Language: English. This role is considered a head-office role and will be required to communicate with internal stakeholders across Canada where the primary business language utilized is English.
 

Salary: At Wawanesa, salary is only one component of a holistic, comprehensive and competitive offering that we provide to our employees. In addition to salary, full-time and part-time permanent employees are eligible for an annual bonus plan, leave of absence top-up programs and provided with generous vacation time, personal days, premium free benefits and pension plan. 
 

The salary offered for this role is determined with consideration to various factors, including but not limited to: your work location, local labour market conditions, external market salary data, internal pay equity and the knowledge, skills, experience and anticipated proficiency in the role. The salary offered is estimated to be within the following range: $90,000 - $110,000. Candidates with salary expectations outside of the range are still encouraged to apply. 

 

About The Wawanesa Mutual Insurance Company
Founded in 1896, The Wawanesa Mutual Insurance Company is one of Canada’s largest mutual insurers, 100% owned by its members, with more than $4.1 billion in annual revenue and $12.5 billion in assets. Headquartered in Winnipeg, Wawanesa is the parent company of Wawanesa Life, which provides life insurance solutions throughout Canada, and Western Financial Group, a leading national distributor of personal and business insurance. In March of 2026, Wawanesa entered into an agreement to acquire Everest Insurance Company of Canada to strengthen its commercial insurance capabilities and advance its long-term growth strategy.


Wawanesa proudly serves more than 1.8 million members and we are home to more than 3,000 employees across Canada. The company actively gives back to organizations that strengthen communities, donating more than $4 million annually to charitable organizations, including more than $2 million each year in support of people on the front lines of climate change. Learn more at wawanesa.com.

 

We are currently looking for dedicated, driven, and enthusiastic individuals who thrive in an environment that welcomes change and are looking for an opportunity for diverse experience and advancement on a growing team.

Job Overview

The Web Application Penetration Tester role will contribute to Wawanesa’s success by helping to deliver security testing services to our enterprise client groups.  This role will ensure that Wawanesa’s internally-developed web applications and APIs are free of design flaws or vulnerabilities prior to their release.

 

Job Responsibilities

  • Perform evaluations of client systems, web applications, APIs and their supporting networks to discover vulnerabilities
  • Configure, run, and monitor automated security testing tools
  • Thoroughly document exploit chain/proof of concept scenarios for internal client consumption
  • Assist clients with the design, implementation, and/or monitor security measures for the protection of web applications
  • Identify, define, and/or implement system security requirements for external and internal facing web applications
  • Assist with vulnerability risk assessments
  • Follow established practices and processes
  • Perform role in cyber incident response as required
  • Generate reports based on test findings.
  • Perform other duties as assigned.

Qualifications

  • Bachelor’s degree in computer science, an analytical discipline or equivalent experience
  • 1+ year of web application security testing experience 
  • Knowledge of Web application vulnerabilities and security considerations
  • Working knowledge of industry standard technical security controls
  • Familiarity with vulnerability assessment and penetration best practices
  • Experience with the following:
    • vulnerability and penetration testing techniques and tools
    • Burp Suite 
    • testing web and mobile platforms
    • working with markup, scripting, and programming languages such as HTML, XML, JavaScript, PHP, Perl, Python, Bash, ASP, C++, C#, Java, and .NET
  • Possess or working towards one of the following certifications:
    • GIAC Penetration Tester (GPEN)
    • GIAC Web Application Penetration Tester (GWAPT)
    • GIAC Certified Incident Handler (GCIH)
    • Offensive Security Certified Expert (OSCE)
    • Offensive Security Certified Professional (OSCP)
  • Must have an ability to communicate effectively, both verbally and in writing, to interact effectively with internal teams (such as developers, project team members, and management) to build relationships and use facilitation skills with both technical and non-technical personnel.
  • Ability to work independently and within a team
  • Knowledge of and experience in the insurance industry is considered an asset


Diversity Equity, Inclusion & Belonging

At Wawanesa, we are committed to Diversity, Equity, Inclusion and Belonging (DEIB) and believe that our strength lies in the diversity of our people – this is supported by having a representative workforce.

We welcome applications from all qualified candidates, including racialized persons, women, Indigenous Peoples, persons with disabilities, members of the 2SLGBTQIA+ community, gender-diverse and neurodiverse individuals, and anyone who can contribute to the further diversification of thought and ideas. 
 

We aim to ensure our recruitment process is accessible to all candidates. If you require accommodations during any stage of the recruitment process, please reach out in confidence to jobs@wawanesa.com.
 

All Wawanesa job applicants are subject to Wawanesa's Privacy Policy.

Please note that the recruitment process for this position may involve the use of AI tools to screen, assess, or select applicants. All final decisions are taken or reviewed by human recruiters and human hiring leaders in compliance with all applicable legislation.