Security Engineer
Manila, Manulife Business Processing Services
Manulife
Manulife is a leading financial services group. We provide financial advice, insurance, as well as wealth and asset management solutions for individuals, groups and institutions.We are a leading financial services provider committed to making decisions easier and lives better for our customers and colleagues around the world. From our environmental initiatives to our community investments, we lead with values throughout our business. To help us stand out, we help you step up, because when colleagues are healthy, respected and meaningfully challenged, we all thrive. Discover how you can grow your career, make impact and drive real change with our Winning Team today.
Working Arrangement
HybridJob Description
Job Description Summary
The DevSecOps Engineer is a multi-faceted security role responsible for the identification, tracking, mitigation, remediation, and verification of security vulnerabilities in applications, systems and infrastructure. The successful candidate will combine their knowledge with strong interpersonal skills to ensure that security risks are effectively identified and appropriately addressed while maintaining a balance between security & usability.
Responsibilities:
- Assist software development teams with understanding and remediating automated scan results of software source code as well as penetration testing
- Assist the Business Unit Security Officers in the risk assessment process by assessing application risks and providing security recommendations for improved application design or coding
- Work with the developers throughout the software engineering lifecycle to ensure compliance with secure software development best practices
- Drive adoption of US segment code scanning capabilities and of the DevSecOps pipeline
- Develop and deliver Cybersecurity analytics that will allow for data driven decisions.
- Deliver regular reporting on initiatives, program progress and key areas of risk.
- Develop or acquire targeted training for development teams in secure coding and other security practices
- Identify, propose and acquire toolsets to assist with the security assessment process in an Agile and DevOps environment
Qualifications
- Minimum of 3 years in IT
- Work experience in application security/vulnerability management
- Development and/or security-related experience with web applications, web services, and mobile applications including:
- at least 1 of the following core languages: Java, .NET, Python, Angular, NodeJS
- Experience working on or closely with development teams in the Software Development Life Cycle (SDLC) using DevOps, Agile and/or waterfall methodologies
- Ability to understand and interpret vulnerabilities and communicate business impact and remediation actions to management
- Ability to rapidly learn new technologies and business functions
- Excellent analytical, presentation, and communication (oral and written) skills to work with technical and non-technical audiences
- Results-oriented, high energy, self-motivated
- Excellent leadership, teamwork, and client service skills
- Security related certifications, such as CISSP, CSSLP, or SANS GIAC, a plus but not required
- Scripting experience using Powershell/Python is a plus
- Familiarity with DevSecOps Tools, a plus
- SNYK, Contrast Security, Fortify, CheckMarx, SonarQube, TeamCity, Github, Docker, Kubernetes
About Manulife and John Hancock
Manulife Financial Corporation is a leading international financial services group that helps people make their decisions easier and lives better. With our global headquarters in Toronto, Canada, we operate as Manulife across our offices in Asia, Canada, and Europe, and primarily as John Hancock in the United States. We provide financial advice, insurance, and wealth and asset management solutions for individuals, groups and institutions. At the end of 2022, we had more than 40,000 employees, over 116,000 agents, and thousands of distribution partners, serving over 34 million customers. At the end of 2022, we had $1.3 trillion (US$1.0 trillion) in assets under management and administration, including total invested assets of $0.4 trillion (US $0.3 trillion), and segregated funds net assets of $0.3 trillion (US$0.3 trillion). We trade as ‘MFC’ on the Toronto, New York, and the Philippine stock exchanges, and under ‘945’ in Hong Kong.
Manulife is an Equal Opportunity Employer
At Manulife/John Hancock, we embrace our diversity. We strive to attract, develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention, advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law.
It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process, contact recruitment@manulife.com.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Analytics Application security Checkmarx CISSP Compliance DevOps DevSecOps Docker GIAC GitHub Java Kubernetes Node.js Pentesting PowerShell Python Risk assessment SANS Scripting SDLC Security assessment SonarQube Vulnerabilities Vulnerability management
Perks/benefits: Career development Insurance
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Staff Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs