Job ref no.: 23010734
Manulife (International) Limited

Penetration Tester

Manulife (International) Limited

Are you looking for a supportive, collaborative workplace with great teams and inspiring leaders? You’ve come to the right place. We’re looking for ambitious people who share our values and want to make every day better for people around the world. If this sounds like you, and the career below sounds exciting, we’d like to hear from you.

Working Arrangement


Job Description

Manulife Information Technology Delivery Center (MITDC) is building Penetration testing Centre of Excellence (COE) within its Global Cyber Security team to deliver penetration test related capabilities for all segments in Manulife.

As a Penetration tester, you will be working closely with our business team and second line of defense, to assess scope and level of effort based on identified areas of risk and execute assigned engagements in alignment to common penetration testing industry frameworks.

What will be expected of me?

  • Performing penetration tests against internal and/or external environment of different organizations including web applications, microservices and mobile applications.
  • MUST HAVE strong fundamentals in Coding (C#, Java, Python,). Database (SQL) Webserver implementation. Web Application (Front end / Back end)
  • MUST HAVE strong fundamentals on Kali Linux, BurpSuite, Postman
  • Write reports including technical details, risk analysis and providing remediation recommendations for identified issues.
  • MUST be able to effectively communicate with the different stakeholders regarding severity of the findings and explain to NON-Technical and technical resources
  • Participate in project related meetings: information gathering, solution design, project checkpoints.
  • Propose, examine and assist in the acquisition and development of suitable penetration testing tools to ensure the delivery of quality services to our business.
  • Maintain an ongoing awareness of trends in penetration testing technology, as well as target environment technologies and regulatory requirements.
  • Ideate. Test. Learn. Iterate. Bring a flexible, adaptive mindset, comfortable with ambiguity in a rapidly changing technology environment.
  • Be a continuous learner, not only for your own career, but from teams’ successes and failures.
  • Embrace open-source communities, both internally and externally, sharing your knowledge across your team and peers.

What you bring

  • Bachelor’s degree in Computer Science or related discipline.
  • Holds relevant Information Security or related Certification such as OSCP, OSCE, CEH, GWAPT, GPEN, a plus but not required
  • Demonstrated experience (minimum 3 years) in performing hands-on penetration tests against external and internal, web applications API/ webservices.
  • Demonstrated technical knowledge of current vulnerabilities, exploits and tools.
  • Experience in developing advanced attacking capabilities and methods.
  • Extensive technical knowledge of security industry best practices and procedures.
  • Demonstrated experience with security assessment frameworks and procedures, including following industry best practice methodologies for penetration testing and the ability to perform both manual and automated testing.
  • Experience in researching evolving exploits, techniques, and tools in support of penetration testing efforts.
  • Experience in developing security tools, using scripts and utilities to automate assessment and analysis activities
  • Excellent verbal and written communication skills including the ability to write clear and concise assessment reports that include of findings, recommendations, road maps, and actionable plans.
  • Exceptional customer service, communication and interpersonal skills.
  • Ability to communicate and work closely with executives, peers and employees at all levels.
  • Strong time management and organizational.
  • High degree of integrity, competence, adaptability, resilience and initiative.
  • Experience working in an international environment with people from multiple cultures preferred. 



宏利金融有限公司是全球領先的金融服務供應商,致力幫助大眾輕鬆作出明智抉擇,實現精彩人生。本公司的環球總部設於加拿大多倫多,在加拿大、亞洲和歐洲的辦事處以「宏利」的名稱營運,而在美國主要以「恒康」的名稱經營。本公司提供理財建議及保險方案,並透過環球財富與資產管理部「宏利投資管理」為全球個人客戶、機構及退休計劃成員提供服務。截至2020年底,本公司旗下有超過37,000 位員工、逾118,000位代理人,以及數以萬計的經銷合作夥伴,為超過3,000萬位客戶提供服務。截至2021年6月30日,宏利所管理和提供行政管理的資產總值達13,000億加元(約11,000億美元),而在過去十二個月支付予客戶的款項達313億加元。本公司的主要業務遍及亞洲、加拿大和美國,爲客戶服務超過155年。本公司在多倫多、紐約及菲律賓證券交易所以股份代號MFC上市,在香港交易所則以股份代號945上市。



我們的首要任務是消除障礙,為員工提供平等就業機會。人力資源部代表將盡力為應徵過程中提出要求的申請人提供合理協助。  申請人要求提供協助所分享的信息將會按照適用法律及宏利政策儲存及使用。  應徵過程中如需協助,請聯絡[via CTgoodjobs Apply Now  ]  

More job information
Job ref no. 23010734
  • 5-day week
  • Birthday leave
  • Competitive pay
  • Dental plan
  • Discretionary bonus
  • Examination leave
  • Extra maternity leave
  • Flexible working hours
  • Insurance plan
  • Medical plan
  • Shuttle bus
Job Function
Work Model
  • On-site / At the workplace
Employment Term
  • Full-time
  • 3 years - 8 years
Career Level
  • Middle management level
  • Degree