You are as unique as your background, experience and point of view. Here, you'll be encouraged, empowered and challenged to be your best self. You'll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you. Your leaders will inspire and help you reach your potential and soar to new heights. Every day, you'll have new and exciting opportunities to make life brighter for our Clients - who are at the heart of everything we do. Discover how you can make a difference in the lives of individuals, families and communities around the world.
Job Description:
At Sun Life, we work together, share common values, and encourage growth and achievement. We are seeking a skilled Penetration Testing Analyst to perform hands-on security testing of applications, infrastructure, and systems.
This role is primarily focused on Penetration Testing delivery, with secondary exposure to Red Team activities, contributing to adversary simulation exercises where required. The successful candidate will have strong technical testing capabilities, with an interest in developing broader offensive security skills.
Key Responsibilities
Perform web, API, mobile, and infrastructure penetration testing across enterprise applications.
Identify, exploit, and validate security vulnerabilities using manual testing techniques and industry tools.
Conduct testing in line with established methodologies and security frameworks (e.g., OWASP).
Produce clear, structured reports outlining:
    Vulnerabilities and root cause
    Business impact and risk rating
    Practical remediation recommendations
Perform research into new vulnerabilities, exploits, and attack techniques to enhance testing coverage.
Support re-testing activities to validate remediation of identified issues.
Support Red Team or adversary simulation exercises where required.
Contribute to reconnaissance and attack surface mapping, and to the identification of potential attack paths.
Support documentation of attack paths and identified security gaps.
Assist in controlled exploitation activities under guidance, including:
    Initial access techniques
    Limited post-exploitation validation (e.g., privilege escalation concepts, lateral movement awareness)
Required Skills & Experience
Core Penetration Testing Skills (Essential)
Hands-on experience in:
Strong understanding of:
    Authentication, session management, and access control flaws
    Input validation and injection vulnerabilities
Experience with tools such as:
Ability to perform manual testing beyond automated scanning.
Strong documentation and reporting skills, with focus on clear risk articulation.
Red Teaming Skills (Desirable - Foundational Level)
Qualifications
Bachelor's degree in Computer Science, Information Security, or a related field.
Certifications such as OSCP, OSWA, CISSP or CompTIA are desired but not required.
Benefits
22 Days Annual Leave - increasing to 25 days based on length of service
Maternity Leave, Paternity Leave, Parental Leave
C$400/275 Fitness Reimbursement for gym membership annually
Annual Bonus plan based on Company and Individual Performance
100% Private Health Insurance cover for employees and 50% contribution for family members from date of hire
Study Assistance Programme inclusive of Masters Programme
S&S Club, Wellness Programme, GP Scheme, Flu Vaccines, Eye Care Scheme as well as lots of discounted events and classes
Defined Contribution Pension Scheme
Access to Professional Development Training Platforms
Job Category: IT - Technology Services
Posting End Date: 03/07/2026