Please send your resume at if you are interested in this 2-year contract with Government of Saskatchewan (Information Technology Division (ITD)) with a possibility of extension,If you are not interested, please feel free to pass it in your network for anyone looking for work.
Position title: RFR-0719 - Penetrating Testing Analyst
Working Status: On-Site
Location: GOS office located in Regina, Saskatchewan
Start Date: 18th March 2026
Mandatory Qualification/Requirement
• M1 - Demonstrated experience working as a Penetration Tester.
• M2 - Candidate must be able to work 100% onsite at a Government of Saskatchewan office in Regina, Saskatchewan, Canada upon contract start date.
Rated Qualification/Requirement
• R1 - Local Knowledge
• R2 - Demonstrated experience with cybersecurity standards including the Open Web Application Security Project (OWASP) Application Security Testing Standard.
• R3 - Demonstrated experience with cloud security and cloud-based application architecture and different deployment models.
• R4 -Demonstrated experience with penetration testing tools.
• R5 - Demonstrated experience identifying and exploiting vulnerabilities.
• R6 - Demonstrated experience with common attack vectors and techniques, and how to defend against them.
• R7 - Demonstrated experience in regulatory compliance standards and ensuring compliance during penetration testing.
• R8 - Demonstrated experience in static and dynamic application security testing using automated tools and manual techniques.
• R9 - Demonstrated experience with white box testing and black box testing.
• R10 - Demonstrated experience with the ISO 27002:2022, or equivalent, code of practice for information security controls.
• R11 - Demonstrated experience writing and presenting detailed assessment reports.
• R12 - Valid certifications such as Certified Ethical Hacker (CEH) or Certified Information Systems Security Professional (CISSP) are considered significant assets. Related cybersecurity certifications will be considered.
Position Overview
This Request for Resource (RFR) is an invitation by the Government of Saskatchewan (GOS) to prospective Proponents to provide Submissions for the provision of one (1) or more Penetration Testing Analyst(s), as further described in the RFR Particulars (Appendix A) (the Deliverables).
The Information Technology Division (ITD) of the Ministry of SaskBuilds and Procurement (SBP) is looking for one (1) or more Penetration Testing Analyst(s) to join the Cyber Security and Risk Management Branch (CSRM). The CSRM is responsible for managing all things related to IT security including, though not necessarily limited to:
• Provide interpretation and enforcement of the information security policy and standards;
• Providing information security, education and awareness;
• Responding to information security Incidents;
• Performing Threat Risk Assessments (TRAs) for IT-related business initiatives throughoutGovernment;
• Providing security assessment and overall security requirements and oversight for IT-relatedSolution and Services Procurements;
• Providing information security advice and guidance for business areas; and,
• Evaluating new threats and vulnerabilities.
THE DELIVERABLES
The ideal candidate will possess a strong foundation in cybersecurity principles, with demonstrated expertise in penetration testing methodologies, vulnerability assessment, and exploit development. The candidate will have hands-on experience with industry-standard tools coupled with a deep understanding of network protocols, operating systems, and secure coding practices.
The successful candidate(s) will be responsible for, but not limited to, the following duties:
• Conduct internal and external (remote from GOS offices) security testing on networks and applications;
• Assessing physical security, if applicable;
• Conducting security audits, if assigned;
• Analyzing security policies and standards;
• Performing transfer of knowledge with other members of the CSRM Branch; and,
• Writing security assessment reports.
