Sun Life

Senior Red Team Operator

Waterford, Waterford, Ireland Full time

You are as unique as your background, experience and point of view. Here, you’ll be encouraged, empowered and challenged to be your best self. You'll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you. Your leaders will inspire and help you reach your potential and soar to new heights. Every day, you'll have new and exciting opportunities to make life brighter for our Clients - who are at the heart of everything we do. Discover how you can make a difference in the lives of individuals, families and communities around the world.

Job Description:

Position Summary:

The primary objectives for the Information Security team are to protect confidential and sensitive information and to maintain operational stability in the face of cyber-attacks. Offensive Security (Red Team) members contribute to these objectives by performing assessments that proactively identify security exposures within the Sun Life environment that go beyond the realm of traditional penetration testing. A successful senior red team operator, specializing in offensive security, must possess a diverse set of competencies to effectively simulate cyberattacks and identify vulnerabilities within an organization's systems. Firstly, a deep understanding of various attack vectors and techniques is essential, including knowledge of malware, social engineering, and exploit development. Additionally, proficiency in network and application penetration testing is crucial for identifying weaknesses in infrastructure and software. Strong analytical skills are necessary to assess risks and prioritize targets accurately. Effective communication skills are vital for conveying findings and recommendations to stakeholders. Finally, adaptability and creativity are indispensable traits for devising innovative attack strategies and staying ahead of evolving threats in the cybersecurity landscape.

What you will do

The essential functions and responsibilities of this position include but are not limited to the following:

Offensive Security Program Ownership

  • Own the end‑to‑end offensive security lifecycle, including planning, scoping, scheduling, execution oversight, reporting, remediation tracking, and closure

  • Define and continuously improve offensive security processes, playbooks, standards, and engagement models

  • Ensure offensive security activities align with enterprise risk priorities, threat intelligence, and regulatory expectations

Planning, Scheduling & Coordination

  • Lead annual and quarterly offensive security planning, ensuring coverage across critical assets, applications, and business services

  • Coordinate schedules for Red Team exercises, adversary emulation, purple team activities, and third‑party engagements

  • Act as the single point of orchestration between Red Team operators, detection/defensive teams, engineering partners, and external vendors

Delivery Oversight (Red & Purple Team)

  • Provide delivery oversight for Red Team assessments, adversary emulation exercises, and detection validation activities

  • Ensure engagements are executed in accordance with approved rules of engagement, legal, operational, and risk constraints

  • Support Purple Team exercises by ensuring findings are actionable and mapped to detection and response improvements (e.g., MITRE ATT&CK)

Remediation Tracking & Issue Management

  • Own the lifecycle tracking of offensive security findings from identification through remediation and validation

  • Partner with technology and engineering teams to ensure clear ownership, prioritization, and timelines for remediation

  • Track exceptions, compensating controls, and deferred risks in line with enterprise risk processes

  • Validate closure of issues through retesting or evidence‑based assurance

Audit & Assurance Facilitation

  • Act as the primary point of contact for audit, regulatory, and assurance activities related to offensive security

  • Prepare evidence, artifacts, walkthroughs, and responses for internal audit, external audit, and regulatory reviews

  • Ensure offensive security activities are defensible, repeatable, and well‑documented

Advisory & Stakeholder Engagement

  • Provide advisory support to application, infrastructure, and platform teams on secure design and threat exposure

  • Influence upstream risk reduction by advising on patterns observed through offensive testing

  • Build strong working relationships across security, engineering, IT operations, and risk teams

Program Maturity & Continuous Improvement

  • Identify opportunities to improve efficiency, coverage, and impact of offensive security activities

  • Incorporate lessons learned, emerging threats, and control gaps into future plans

  • Support capability uplift across offensive security, detection engineering, and vulnerability management


Position Requirements and Qualifications:

  • 5-7 years’ experience in operational Cyber Security roles

  • University degree in computer science, computer engineering or computer security.

  • A strong understanding of information security concepts and security trends and practices

  • Problem solving with creative solutions.

  • Maintain high technical knowledge of systems and solutions.

  • Industry certifications (SANS/CEH/CISSP) are a strong asset.

  • Strong communication and presentation skills

Preferred knowledge or qualifications in the following:

  • Defense-in-depth security concepts, including the CISA, MITRE, NIST, TIBAS, CREST, I-CRT and TIBER-EU frameworks

  • ServiceNow

  • Confluence

Job Category:

IT - Technology Services

Posting End Date:

10/07/2026