## Penetration Testing AnalystApplylocations: Waterford, Waterford, Ireland: Manila, National Capital Region (Manila): Toronto, Ontario: Sun Life Global Solutions Private Limitedtime type: Full timeposted on: Posted Todayjob requisition id: JR********You are as unique as your background, experience and point of view.
Here, you'll be encouraged, empowered and challenged to be your best self.
You'll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you.
Your leaders will inspire and help you reach your potential and soar to new heights.
Every day, you'll have new and exciting opportunities to make life brighter for our Clients - who are at the heart of everything we do.
Discover how you can make a difference in the lives of individuals, families and communities around the world.
**Job Description:**At Sun Life, we work together, share common values, and encourage growth and achievement.
We are seeking a skilled **Penetration Testing Analyst** to perform hands-on security testing of applications, infrastructure, and systems.This role is primarily focused on **Penetration Testing delivery**, with **secondary exposure to Red Team activities**, contributing to adversary simulation exercises where required.
The successful candidate will have strong technical testing capabilities, with an interest in developing broader offensive security skills.
## **Key Responsibilities*** Perform **web, API, mobile, and infrastructure penetration testing** across enterprise applications.
* Identify, exploit, and validate security vulnerabilities using manual testing techniques and industry tools.
* Conduct testing in line with established methodologies and security frameworks (e.g., OWASP).
* Produce **clear, structured reports** outlining: + Vulnerabilities and root cause + Business impact and risk rating + Practical remediation recommendations* Perform **research into new vulnerabilities, exploits, and attack techniques** to enhance testing coverage.
* Support re-testing activities to validate remediation of identified issues.
* Support Red Team or **adversary simulation exercises** where required.
* Contribute to reconnaissance and attack surface mapping, Identification of potential attack paths.
* Support documentation of **attack paths and identified security gaps.
*** Assist in **controlled exploitation activities** under guidance, including: + Initial access techniques + Limited post-exploitation validation (e.g., privilege escalation concepts, lateral movement awareness)* Collaborate with senior team members to understand **real-world attacker behaviour and techniques.
**## **Required Skills & Experience**### **Core Penetration Testing Skills (Essential)*** Hands-on experience in: + Web application security testing (OWASP Top 10) + API security testing + Basic network/infrastructure testing* Strong understanding of: + Authentication, session management, and access control flaws + Input validation and injection vulnerabilities* Experience with tools such as: + Burp Suite, Nmap, sqlmap, or similar* Ability to perform **manual testing beyond automated scanning.
*** Strong documentation and reporting skills, with focus on **clear risk articulation.
**### **Red Teaming Skills (Desirable – Foundational Level)*** Basic understanding of **adversary simulation concepts and attack lifecycle.
*** Familiarity with: + Reconnaissance techniques + Common initial compromise methods* Awareness of: + Privilege escalation and lateral movement concepts + Attack paths across enterprise environments* Interest in developing **Red Team and offensive security capabilities** over time.
## **Qualifications*** Bachelor's degree in Computer Science, Information Security, or a related field.
* Certifications such as OSCP, OSWA, CISSP or CompTIA are desired but not required.
## **Benefits*** 22 Days Annual Leave - increasing to 25 days based on length of service* Maternity Leave, Paternity Leave, Parental Leave* C$400/€275 Fitness Reimbursement for gym membership annually* Annual Bonus plan based on Company and Individual Performance* 100% Private Health Insurance cover for employees and 50% contribution for family members from date of hire* Study Assistance Programme inclusive of Masters Programme* S&S Club, Wellness Programme, GP Scheme, Flu Vaccines, Eye Care Scheme as well as lots of discounted events and classes* Defined Contribution Pension Scheme* Access to Professional Development Training Platforms**Job Category:**IT - Technology Services**Posting End Date:**03/07/2026
#J-*****-Ljbffr