You are as unique as your background, experience and point of view. Here, you’ll be encouraged, empowered and challenged to be your best self. You'll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you. Your leaders will inspire and help you reach your potential and soar to new heights. Every day, you'll have new and exciting opportunities to make life brighter for our Clients - who are at the heart of everything we do. Discover how you can make a difference in the lives of individuals, families and communities around the world.
At Sun Life, we work together, share common values, and encourage growth and achievement. We are seeking a skilled Penetration Testing Analyst to perform hands-on security testing of applications, infrastructure, and systems.
This role is primarily focused on Penetration Testing delivery, with secondary exposure to Red Team activities, contributing to adversary simulation exercises where required. The successful candidate will have strong technical testing capabilities, with an interest in developing broader offensive security skills.
Perform web, API, mobile, and infrastructure penetration testing across enterprise applications.
Identify, exploit, and validate security vulnerabilities using manual testing techniques and industry tools.
Conduct testing in line with established methodologies and security frameworks (e.g., OWASP).
Produce clear, structured reports outlining:
Vulnerabilities and root cause
Business impact and risk rating
Practical remediation recommendations
Perform research into new vulnerabilities, exploits, and attack techniques to enhance testing coverage.
Support re-testing activities to validate remediation of identified issues.
Support Red Team or adversary simulation exercises where required.
Contribute to reconnaissance and attack surface mapping, Identification of potential attack paths.
Support documentation of attack paths and identified security gaps.
Assist in controlled exploitation activities under guidance, including:
Initial access techniques
Limited post-exploitation validation (e.g., privilege escalation concepts, lateral movement awareness)
Collaborate with senior team members to understand real-world attacker behaviour and techniques.
Hands-on experience in:
Web application security testing (OWASP Top 10)
API security testing
Basic network/infrastructure testing
Strong understanding of:
Authentication, session management, and access control flaws
Input validation and injection vulnerabilities
Experience with tools such as:
Burp Suite, Nmap, sqlmap, or similar
Ability to perform manual testing beyond automated scanning.
Strong documentation and reporting skills, with focus on clear risk articulation.
Basic understanding of adversary simulation concepts and attack lifecycle.
Familiarity with:
Reconnaissance techniques
Common initial compromise methods
Awareness of:
Privilege escalation and lateral movement concepts
Attack paths across enterprise environments
Interest in developing Red Team and offensive security capabilities over time.
Bachelor's degree in Computer Science, Information Security, or a related field.
Certifications such as OSCP, OSWA, CISSP or CompTIA are desired but not required.
22 Days Annual Leave - increasing to 25 days based on length of service
Maternity Leave, Paternity Leave, Parental Leave
C$400/€275 Fitness Reimbursement for gym membership annually
Annual Bonus plan based on Company and Individual Performance
100% Private Health Insurance cover for employees and 50% contribution for family members from date of hire
Study Assistance Programme inclusive of Masters Programme
S&S Club, Wellness Programme, GP Scheme, Flu Vaccines, Eye Care Scheme as well as lots of discounted events and classes
Defined Contribution Pension Scheme
Access to Professional Development Training Platforms
Job Category:
IT - Technology Services
Posting End Date:
03/07/2026
Sun Life is a leading financial services organization dedicated to helping people achieve lifetime financial security and live healthier lives.
We provide a wide range of insurance and investment products and services in key markets around the world including Canada, the United States, the United Kingdom, Hong Kong, the Philippines and Indonesia. At Sun Life, we have more than 34,000 employees and 112,900 advisors worldwide.
Websites:
Canada www.sunlife.ca/en/
US www.sunlife.com/us/en/
Vietnam www.sunlife.com.vn
Hong Kong www.sunlife.com.hk
Indonesia www.sunlife.co.id
Malaysia www.sunlife.com.my
Philippines www.sunlife.com.ph
