Penetration Tester

Are you looking for a supportive, collaborative workplace with great teams and inspiring leaders? You’ve come to the right place. We’re looking for ambitious people who share our values and want to make every day better for people around the world. If this sounds like you, and the career below sounds exciting, we’d like to hear from you.

Working Arrangement

混合式

Job Description

Manulife Information Technology Delivery Center (MITDC) is building Penetration testing Centre of Excellence (COE) within its Global Cyber Security team to deliver penetration test related capabilities for all segments in Manulife.

As a Penetration tester, you will be working closely with our business team and second line of defense, to assess scope and level of effort based on identified areas of risk and execute assigned engagements in alignment to common penetration testing industry frameworks.

What will be expected of me?

• Performing penetration tests against internal and/or external environment of different organizations including web applications, microservices and mobile applications.
• MUST HAVE strong fundamentals in Coding (C#, Java, Python,). Database (SQL) Webserver implementation. Web Application (Front end / Back end)
• MUST HAVE strong fundamentals on Kali Linux, BurpSuite, Postman
• Write reports including technical details, risk analysis and providing remediation recommendations for identified issues.
• MUST be able to effectively communicate with the different stakeholders regarding severity of the findings and explain to NON-Technical and technical resources
• Participate in project related meetings: information gathering, solution design, project checkpoints.
• Propose, examine and assist in the acquisition and development of suitable penetration testing tools to ensure the delivery of quality services to our business.
• Maintain an ongoing awareness of trends in penetration testing technology, as well as target environment technologies and regulatory requirements.
• Ideate. Test. Learn. Iterate. Bring a flexible, adaptive mindset, comfortable with ambiguity in a rapidly changing technology environment.
• Be a continuous learner, not only for your own career, but from teams’ successes and failures.
• Embrace open-source communities, both internally and externally, sharing your knowledge across your team and peers.

What you bring

• Bachelor’s degree in Computer Science or related discipline.
• Holds relevant Information Security or related Certification such as OSCP, OSCE, CEH, GWAPT, GPEN, eWPT.is a plus but not required
• Demonstrated experience (minimum 3 years) in performing hands-on penetration tests against external and internal, web applications API/ webservices.
• Demonstrated technical knowledge of current vulnerabilities, exploits and tools.
• Experience in developing advanced attacking capabilities and methods.
• Extensive technical knowledge of security industry best practices and procedures.
• Demonstrated experience with security assessment frameworks and procedures, including following industry best practice methodologies for penetration testing and the ability to perform both manual and automated testing.
• Experience in researching evolving exploits, techniques, and tools in support of penetration testing efforts.
• Experience in developing security tools, using scripts and utilities to automate assessment and analysis activities
• Excellent verbal and written communication skills including the ability to write clear and concise assessment reports that include of findings, recommendations, road maps, and actionable plans.
• Exceptional customer service, communication and interpersonal skills.
• Ability to communicate and work closely with executives, peers and employees at all levels.
• Strong time management and organizational.
• High degree of integrity, competence, adaptability, resilience and initiative.
• Experience working in an international environment with people from multiple cultures preferred. 

宏利和恒康的各個職位都可以為您創造機會，從中學習新技能並推動職涯發展。準備好在某處地方發揮影響力了嗎？您還在等待什麼？立即報名申請。

宏利概覽

宏利金融有限公司是全球領先的金融服務供應商，致力幫助大眾輕鬆作出明智抉擇，實現精彩人生。本公司的環球總部設於加拿大多倫多，在加拿大、亞洲和歐洲的辦事處以「宏利」的名稱營運，而在美國主要以「恒康」的名稱經營。本公司提供理財建議及保險方案，並透過環球財富與資產管理部「宏利投資管理」為全球個人客戶、機構及退休計劃成員提供服務。截至2020年底，本公司旗下有超過37,000 位員工、逾118,000位代理人，以及數以萬計的經銷合作夥伴，為超過3,000萬位客戶提供服務。截至2021年6月30日，宏利所管理和提供行政管理的資產總值達13,000億加元（約11,000億美元），而在過去十二個月支付予客戶的款項達313億加元。本公司的主要業務遍及亞洲、加拿大和美國，爲客戶服務超過155年。本公司在多倫多、紐約及菲律賓證券交易所以股份代號MFC上市，在香港交易所則以股份代號945上市。

宏利為重視就業機會平等之雇主

在宏利／恒康，我們擁抱多元。我們致力吸引、發展並留住多元化的員工隊伍，正如我們所服務的客戶一樣多元化，並打造包容的工作環境，在充分發揮文化優勢的同時尊重個體差異。我們矢志維持公平的招聘、挽留、晉升及薪酬制度，我們管理的所有實踐及項目不會因種族、血統、原籍地、膚色、族裔、国籍、宗教或宗教信仰、信仰、性別（包括懷孕及其相關情況）、性取向、遺傳特徵、退伍軍人身份、性別認同、性別表達、年齡、婚姻狀況、家庭狀況、殘疾或受適用法律保護的任何其他因素而區別對待。

我們的首要任務是消除障礙，為員工提供平等就業機會。人力資源部代表將盡力為應徵過程中提出要求的申請人提供合理協助。  申請人要求提供協助所分享的信息將會按照適用法律及宏利政策儲存及使用。  應徵過程中如需協助，請聯絡[via CTgoodjobs Apply Now  ]