Key skills
AWSCloudFirewallsLinuxScrumKanbanRisk ManagementPenetration Testing
About this role
Role Overview
- The Senior Security Platform Engineer is responsible for effectively planning, designing, implementing, and monitoring security technologies and projects that support Sun Life’s security policies and procedures.
- Your primary responsibilities will be Supporting in Scope Platform and Products and developing use case scenarios, enhancing the security of Sun Life’s corporate and production systems.
- You will work closely with Enterprise Infrastructure, IT operations, Enterprise Architecture, and application development teams to identify risks to the business and lead security solutions to protect customer and financial information.
- The successful candidate must be able to interpret complex information, adapt as needed and have a deep understanding of security risks, data impact and controls to help mitigate the risk and provide countermeasures.
- A Senior Security Platform Engineer is a leader who is expected to participate fully in the planning of the work and to seek opportunities for process improvement.
- The successful candidate is strong in multiple Information Security domains and is expected to lead the efforts to solve complex security problems.
Requirements
- Minimum 5-7 years Information security and engineering experience with enterprise level security technologies in the one or more areas of: Perimeter, Endpoints, Crypto, Cloud, Email Security, Security Visibility, and Automation and Orchestration
- Minimum 3-year experience in successfully leading global information security projects.
- Previous security related experience in penetration testing, security investigations, or red team exercises
- Experience with security control validation (e.g., MSV), including MITRE ATT&CK mapping, translating findings into detection/control improvements, and communicating outcomes using clear reporting and metrics.
- An Information Technology University degree/college diploma in related discipline(s) or equivalent work experience
- Experience with security validation / breach-and-attack simulation platforms (e.g., Mandiant Security Validation (MSV)), including adversary emulation and using results to improve control effectiveness and detection coverage.
- Experience in managing 3rd party security service providers in delivering security services.
- Broad exposure to multiple security disciplines and in-depth exposure in Incident Response or Detection Engineering
- Knowledge of a broad range of security controls and risk management frameworks NIST & (ISO) 2700x standards
- Experience planning, researching, and developing security policies, standards, and procedures.
- Experience in a system administration role supporting multiple platforms and applications.
- Experience with Windows and Linux based operating systems.
- Experience in deploying enterprise level technology via managed projects using Scrum and Kanban methodologies.
- Knowledge of networking technologies, firewalls, web application firewalls and intrusion detection and prevention systems.
- Knowledge of AWS cloud technologies.
- Knowledge of disaster recovery, technologies, and methods.
- Extensive knowledge of Information Security principles, protocols, practices, and industry standards.
Tech Stack
- AWS
- Cloud
- Firewalls
- Linux
Benefits
- Wellness programs that support the three pillars of your health – mental, physical, and financial
- The opportunity to move along a variety of career paths with amazing networking potential.
- Must be able to satisfactorily complete applicable background checks prior to the start date and during employment, in accordance with Sun Life’s policies and practices.