Penetration Tester
CAN, Ontario, Toronto, 200 Bloor Street East
Manulife
Manulife is a leading financial services group. We provide financial advice, insurance, as well as wealth and asset management solutions for individuals, groups and institutions.We are a leading financial services provider committed to making decisions easier and lives better for our customers and colleagues around the world. From our environmental initiatives to our community investments, we lead with values throughout our business. To help us stand out, we help you step up, because when colleagues are healthy, respected and meaningfully challenged, we all thrive. Discover how you can grow your career, make impact and drive real change with our Winning Team today.
Working Arrangement
HybridJob Description
The opportunity
Manulife’s Global Cybersecurity Services - Application Security is building up a penetration testing Centre of Excellence (COE) to deliver penetration test related capabilities for all segments in Manulife. As a Application Pentest Execution Lead, you will be working closely with our business team and second line of defense, to assess scope and level of effort based on identified areas of risk and execute assigned engagements in alignment to common penetration testing industry frameworks.
Responsibilities
Performing penetration tests against internal and/or external environment of different organizations including web applications, microservices and mobile applications.
Evaluating and attempting to bypass the organization’s current information security controls.
Write reports including technical details, risk analysis and providing remediation recommendations for identified issues.
Participate in project related meetings: information gathering, solution design, project checkpoints.
Propose, examine and assist in the acquisition and development of suitable penetration testing tools to ensure the delivery of quality services to our business.
Maintain an ongoing awareness of trends in penetration testing technology, as well as target environment technologies and regulatory requirements.
Apply creative problem solving throughout a secure software development life cycle to continuously improve the effectiveness of the end-to-end process.
Ideate. Test. Learn. Iterate. Bring a flexible, adaptive mindset, comfortable with ambiguity in a rapidly changing technology environment.
Be a continuous learner, not only for your own career, but from teams’ successes and failures.
Embrace open-source communities, both internally and externally, sharing your knowledge across your team and peers.
Qualifications
Bachelor’s degree in Computer Science or related discipline.
Holds relevant Information Security or related Certification such as OSCP, OSCE, CEH, GWAPT, GPEN, eWPT.
Demonstrated experience (minimum 3 years) in performing hands-on penetration tests against external and internal networks, operating systems, web applications and more.
Demonstrated technical knowledge of current vulnerabilities, exploits and tools.
Experience in developing advanced attacking capabilities and methods.
Extensive technical knowledge of security industry best practices and procedures.
Demonstrated experience with security assessment frameworks and procedures, including following industry best practice methodologies for penetration testing and the ability to perform both manual and automated testing.
Experience in researching evolving exploits, techniques, and tools in support of penetration testing efforts.
Experience in developing security tools, using scripts and utilities to automate assessment and analysis activities
Excellent verbal and written communication skills including the ability to write clear and concise assessment reports that include of findings, recommendations, road maps, and actionable plans.
Exceptional customer service, communication and interpersonal skills.
Ability to communicate and work closely with executives, peers and employees at all levels.
Strong time management and organizational.
High degree of integrity, competence, adaptability, resilience and initiative.
Experience working in an international environment with people from multiple cultures preferred.
What can we offer you?
A competitive salary and benefits packages.
A growth trajectory that extends upward and outward, encouraging you to follow your passions and learn new skills.
A focus on growing your career path with us.
Flexible work policies and strong work-life balance.
Professional development and leadership opportunities.
Our commitment to you
Values-first culture
We lead with our Values every day and bring them to life together.Boundless opportunity
We create opportunities to learn and grow at every stage of your career.Continuous innovation
We invite you to help redefine the future of financial services.Delivering the promise of Diversity, Equity and Inclusion
We foster an inclusive workplace where everyone thrives.Championing Corporate Citizenship
We build a business that benefits all stakeholders and has a positive social and environmental impact.
About Manulife and John Hancock
Manulife Financial Corporation is a leading international financial services group that helps people make their decisions easier and lives better. With our global headquarters in Toronto, Canada, we operate as Manulife across our offices in Asia, Canada, and Europe, and primarily as John Hancock in the United States. We provide financial advice, insurance, and wealth and asset management solutions for individuals, groups and institutions. At the end of 2022, we had more than 40,000 employees, over 116,000 agents, and thousands of distribution partners, serving over 34 million customers. At the end of 2022, we had $1.3 trillion (US$1.0 trillion) in assets under management and administration, including total invested assets of $0.4 trillion (US $0.3 trillion), and segregated funds net assets of $0.3 trillion (US$0.3 trillion). We trade as ‘MFC’ on the Toronto, New York, and the Philippine stock exchanges, and under ‘945’ in Hong Kong.
Manulife is an Equal Opportunity Employer
At Manulife/John Hancock, we embrace our diversity. We strive to attract, develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention, advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law.
It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process, contact recruitment@manulife.com.
Salary & Benefits
The annual base salary for this role is listed below.
Primary Location
Toronto, OntarioSalary range is expected to be between
$74,270.00 CAD - $137,930.00 CADIf you are applying for this role outside of the primary location, please contact recruitment@manulife.com for the salary range for your location. The actual salary will vary depending on local market conditions, geography and relevant job-related factors such as knowledge, skills, qualifications, experience, and education/training. Employees also have the opportunity to participate in incentive programs and earn incentive compensation tied to business and individual performance.
Manulife offers eligible employees a wide array of customizable benefits, including health, dental, mental health, vision, short- and long-term disability, life and AD&D insurance coverage, adoption/surrogacy and wellness benefits, and employee/family assistance plans. We also offer eligible employees various retirement savings plans (including pension and a global share ownership plan with employer matching contributions) and financial education and counseling resources. Our generous paid time off program in Canada includes holidays, vacation, personal, and sick days, and we offer the full range of statutory leaves of absence. If you are applying for this role in the U.S., please contact recruitment@manulife.com for more information about U.S.-specific paid time off provisions.
Tags: Application security CEH Computer Science eWPT Exploits GPEN GWAPT Microservices OSCE OSCP Pentesting Risk analysis SDLC Security assessment Vulnerabilities
Perks/benefits: Career development Competitive pay Equity Flex hours Flex vacation Gear Health care Insurance Team events Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Officer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Manager Pentest H/F jobs
- Open Staff Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Security Operations Analyst jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Windows-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open SaaS-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs