Full Description

Manulife’s Global Cybersecurity Services - Application Security is building up a penetration testing Centre of Excellence (COE) to deliver penetration test related capabilities for all segments in Manulife. As a Penetration Tester, you will be working closely with our business team and second line of defense, to assess scope and level of effort based on identified areas of risk and execute assigned engagements in alignment to common penetration testing industry frameworks. Have the skills and experience for the job? Learn more about it below! Responsibilities Performing penetration tests against internal and/or external environment of different organizations including web applications, microservices and mobile applications. Evaluating and attempting to bypass the organization’s current information security controls. Write reports including technical details, risk analysis and providing remediation recommendations for identified issues. Participate in project related meetings: information gathering, solution design, project checkpoints. Propose, examine and assist in the acquisition and development of suitable penetration testing tools to ensure the delivery of quality services to our business. Maintain an ongoing awareness of trends in penetration testing technology, as well as target environment technologies and regulatory requirements. Apply creative problem solving throughout a secure software development life cycle to continuously improve the effectiveness of the end-to-end process. Ideate. Test. Learn. Iterate. Bring a flexible, adaptive mindset, comfortable with ambiguity in a rapidly changing technology environment. Be a continuous learner, not only for your own career, but from teams’ successes and failures. Embrace open-source communities, both internally and externally, sharing your knowledge across your team and peers. Qualifications Bachelor’s degree in Computer Science or related discipline. Holds relevant Information Security or related Certification such as OSCP, OSCE, CEH, GWAPT, GPEN, eWPT. Demonstrated experience (minimum 3 years) in performing hands-on penetration tests against external and internal networks, operating systems, web applications and more. Demonstrated technical knowledge of current vulnerabilities, exploits and tools. Experience in developing advanced attacking capabilities and methods. Extensive technical knowledge of security industry best practices and procedures. Demonstrated experience with security assessment frameworks and procedures, including following industry best practice methodologies for penetration testing and the ability to perform both manual and automated testing. Experience in researching evolving exploits, techniques, and tools in support of penetration testing efforts. Experience in developing security tools, using scripts and utilities to automate assessment and analysis activities Excellent verbal and written communication skills including the ability to write clear and concise assessment reports that include of findings, recommendations, road maps, and actionable plans. Exceptional customer service, communication and interpersonal skills. Ability to communicate and work closely with executives, peers and employees at all levels. Strong time management and organizational. High degree of integrity, competence, adaptability, resilience and initiative. Experience working in an international environment with people from multiple cultures preferred. Amenable to work in a mid/night shift schedule Amenable to work in a hybrid set-up (3x a week onsite) Join our global network of industry experts! Apply today About Manulife and John Hancock Manulife Financial Corporation is a leading international financial services provider, helping people make their decisions easier and lives better. To learn more about us, visit . Manulife is an Equal Opportunity Employer At Manulife/John Hancock, we embrace our diversity. We strive to attract, develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention, advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law. It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process, contact . Working Arrangement Hybrid We're Manulife. And we’re on a mission to make decisions easier and lives better. Better is what drives us. It’s what inspires us to find new ways to support customers and colleagues in living longer and healthier lives. It’s the reason we’re dedicated to investing in digital innovation and accelerating a sustainable and economically inclusive future. Joining us means you’ll be empowered to learn and grow your career. We’ll recognize and support you in a flexible environment where well-being and inclusion are more than just words. And as part of our global team, you’ll help shape the future you want to see – and discover that better can take you anywhere you want to go. We’re proud of our accomplishments and recognitions. Recent awards include: 2024 Gallup Exceptional Workplace Award Winner Manulife Named one of Forbes World’s Best Employers 2023 Best Companies to Work for in Asia 2023 We’ve been recognized as one of Canada’s Top 100 Employers (2024) Manulife included in Bloomberg’s 2023 Gender-Equality Index To receive our latest job opportunities directly to your inbox, create an account or sign in and navigate to the ‘Job Alerts’ section located in the top right corner of the page. From there, you can sign up to receive job alerts. Our ambition is to be the most digital, customer-centric global company in our industry. Learn more at .