Job Description
You are as unique as your background, experience and point of view. Here, you’ll be encouraged, empowered and challenged to be your best self. You'll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you. Your leaders will inspire and help you reach your potential and soar to new heights. Every day, you'll have new and exciting opportunities to make life brighter for our Clients - who are at the heart of everything we do. Discover how you can make a difference in the lives of individuals, families and communities around the world.Job Description:OB RESPONSIBILITIESOverall Purpose: Working in a team environment to provide the testing, analysis, and coordination of application security issues, supporting the development team and user base, while hardening the overall application security profile.Key TasksDesigning and implementation of automated security testing tools.Coordination, management, tracking, and executive level reporting of security issues identified via testing.Triage, Research, Analysis, and Mitigation recommendations for identified vulnerabilities.Participation in validation of software releases and hardware upgrades.Communicate with Application Development when upgrades introduce application security issues.Assist in efforts to further embed application security within the SDLC, specifically leveraging automation & continuous integration.Participate in Application Security Assessments and Reviews.Minimum Requirements:Bachelor's Degree in Computer Science, Computer Information Systems, Cyber Security, or similar accreditation.1-2 years in a Software Development or Application Security role.Experience with DAST and SAST Automated Testing Tools.Experience in Application Penetration Testing.Functional Knowledge with DAST & SAST Testing.Familiarity with Security Frameworks and Standards, such as: NIST, HiTrust, HIPAA, and PCI.Understanding of the most common vulnerabilities, such as: OWASP Top 10 or SANS Top 25.Desired Experience:Prior Use Experience of Burp Suite Enterprise for Manual, DAST Testing, and CheckMarx for SAST Testing.Configuration of Continuous Integration processes using Jenkins.Build Automation using Maven/Ant/Gradle.Configuration and Administration of Apache and Java environments.Authentication Frameworks, such as: SAML, OpenID, OAuth, etc.Cryptography implementation.Creation of Security Standards/Best Practices.Securing Distributed, Cloud Based Computing Environments.*Security Certifications (CISSP, GPEN, GWAPT, GXPN, etc.) considered a plus, but not required for this role.Attributes:Customer focus, service delivery oriented.Strong analytical and problem solving skills.Strong written and verbal communication skills across all levels of the organization.Maintain a calm, rational state in situations of ambiguity and high pressure.Understanding of computer hardware and software skills.Ability to work with team members spread over multiple locations.At Sun Life, you can be your most brilliant self. Our supportive, flexible, and inclusive work environment is one where you – and your career – can thrive. Whatever your aspirations, collaborative leaders and colleagues are ready to help you learn, grow, and succeed.We’re a global company with a passion for people. Our purpose is to help Clients achieve lifetime financial security and live healthier lives. As a team of 30,000 across 26 countries, our impact is far-reaching, and locally relevant. There’s power in numbers. As part of Sun Life’s growing team, you have an impact on people in your community and around the world.Shape the futureWith an optimistic eye on a brighter future, we drive to innovate. Be part of leading change, push boundaries and try new ways of working. Use data to drive bold actions. Be agile and pivot as we test and learn. At Sun Life, we’re driving transformation, sustainability and innovation for our Clients, employees, partners, and communities. Join us. Together, we can make the future brighter. #J-18808-Ljbffr