Our student and new graduate programs offer a chance to explore Sun Life from the inside. You’ll make a difference in the lives of our customers and communities, while building the skills and experience that allow you to grow in a meaningful and rewarding way.
Job Description:
Location: Canada (Hybrid / Remote)
Business Unit: Digital Security & Threat Management (DSTM)
Function: Application Security
This role directly supports Sun Life’s multi-year Offensive Security maturity and professionalization program, with a targeted submission for CREST accreditation in 2027. The CO-OP student will contribute to accreditation readiness activities including process alignment, evidence development, quality assurance practices, and supporting documentation that demonstrate Sun Life’s capability to deliver defensible, repeatable, and industry-recognized penetration testing services.
CREST accreditation is a globally recognized benchmark for penetration testing service providers, emphasizing technical competence, ethical conduct, quality assurance, and governance. This role is designed to build sustainable organizational capability rather than individual-only expertise.
Sun Life is a leading global financial services organization committed to protecting client data, maintaining trust, and enabling resilient operations. Our Digital Security & Threat Management function proactively identifies and reduces cyber risk through advanced security testing, threat-informed assessments, and strong governance aligned to regulatory expectations.
The Application Security CO-OP Student will support enterprise penetration testing and adversary simulation activities while contributing to Sun Life’s CREST accreditation readiness initiative. This role provides hands-on experience in ethical hacking within a regulated financial services environment, with a strong emphasis on documentation quality, process discipline, and defensible security testing practices.
CREST Accreditation Readiness (Primary Focus):
Support CREST accreditation gap analysis by mapping existing processes, templates, and controls to accreditation expectations.
Assist in the development and maintenance of evidence packs demonstrating quality assurance, peer review, and defensible testing.
Help refine documentation templates, checklists, and reporting standards aligned to CREST guidance.
Support tracking and reporting of training, certification readiness, and process maturity metrics contributing to 2027 accreditation goals.
Red Team & Penetration Testing Support:
Support penetration testing engagements across intake, scoping, execution, reporting, and remediation intake.
Assist with reconnaissance, validation, and testing activities under senior supervision and defined rules of engagement.
Maintain accurate testing logs and supporting evidence in accordance with internal standards.
Learning & Development Outcomes
Hands-on exposure to enterprise Application Security and Red Team operations in a regulated financial services environment.
Experience producing audit-ready, defensible penetration testing documentation. Understanding how professional accreditation bodies assess people, process, and quality assurance.
The Base Pay range is for the primary location for which the job is posted for. The Base Pay which you will be considered for will vary depending on the Campus program you are selected for.
Eligible Sun Life employees for various Campus Graduate programs will also participate in various incentive plans, payment under which is discretionary and subject to individual and company performance
Diversity and inclusion have always been at the core of our values at Sun Life. A diverse workforce with wide perspectives and creative ideas benefits our Clients, the communities where we operate and all of us as colleagues. We welcome applications from qualified individuals from all backgrounds.
Persons with disabilities who need accommodation in the application process, or those needing job postings in an alternative format, may e-mail a request to thebrightside@sunlife.com.
We are proud to be a hybrid organization that offers our employees the choice and flexibility to work from both the office and virtually based on the needs of the business, our Clients and you! Several flexible work options are available and can be discussed throughout the selection process depending on the role requirements and individual needs.
We may use artificial intelligence to support candidate sourcing, screening, interview scheduling.
We thank all applicants for showing an interest in this position. Only those selected for an interview will be contacted.
Job Category:
Temporary EmployeePosting End Date:
21/04/2026