Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Sun Life

Penetration Testing Analyst

Sun Life

Penetration Testing Analyst responsible for penetration testing of applications and systems at Sun Life. Collaborating with experts to identify vulnerabilities and enhance security measures.

Posted 6/30/2026full-timeTaguig City • 🇵🇭 PhilippinesMid-LevelSeniorWebsite

About the role

Key responsibilities & impact
  • Perform web, API, mobile, and infrastructure penetration testing across enterprise applications.
  • Identify, exploit, and validate security vulnerabilities using manual testing techniques and industry tools.
  • Conduct testing in line with established methodologies and security frameworks (e.g., OWASP).
  • Produce clear, structured reports outlining: Vulnerabilities and root cause, Business impact and risk rating, Practical remediation recommendations.
  • Perform research into new vulnerabilities, exploits, and attack techniques to enhance testing coverage.
  • Support re-testing activities to validate remediation of identified issues.
  • Support Red Team or adversary simulation exercises where required.
  • Contribute to reconnaissance and attack surface mapping, Identification of potential attack paths.
  • Support documentation of attack paths and identified security gaps.
  • Assist in controlled exploitation activities under guidance, including: Initial access techniques, Limited post-exploitation validation (e.g., privilege escalation concepts, lateral movement awareness).
  • Collaborate with senior team members to understand real-world attacker behaviour and techniques.

Requirements

What you’ll need
  • Bachelor's degree in Computer Science, Information Security, or a related field
  • Core Penetration Testing Skills
  • Hands-on experience in web application security testing (OWASP Top 10)
  • API security testing
  • Basic network/infrastructure testing
  • Strong understanding of authentication, session management, and access control flaws
  • Input validation and injection vulnerabilities
  • Experience with tools such as Burp Suite, Nmap, sqlmap, or similar
  • Ability to perform manual testing beyond automated scanning.
  • Strong documentation and reporting skills, with focus on clear risk articulation.
  • Basic understanding of adversary simulation concepts and attack lifecycle (Desirable – Foundational Level)
  • Familiarity with reconnaissance techniques
  • Common initial compromise methods
  • Awareness of privilege escalation and lateral movement concepts
  • Interest in developing Red Team and offensive security capabilities over time.

Benefits

Comp & perks
  • 22 Days Annual Leave - increasing to 25 days based on length of service
  • Maternity Leave, Paternity Leave, Parental Leave
  • C$400/€275 Fitness Reimbursement for gym membership annually
  • Annual Bonus plan based on Company and Individual Performance
  • 100% Private Health Insurance cover for employees and 50% contribution for family members from date of hire
  • Study Assistance Programme inclusive of Masters Programme
  • S&S Club, Wellness Programme, GP Scheme, Flu Vaccines, Eye Care Scheme as well as lots of discounted events and classes
  • Defined Contribution Pension Scheme
  • Access to Professional Development Training Platforms

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
Penetration TestingVulnerability IdentificationManual Testing TechniquesInput ValidationInjection VulnerabilitiesAuthentication FlawsSession ManagementAccess Control FlawsAdversary Simulation ConceptsAttack Lifecycle Awareness
Soft Skills
Strong Documentation SkillsClear Risk Articulation