Overview
Security Engineer Jobs in National Capital Region, Philippines at Manulife
Title: Security Engineer
Company: Manulife
Location: National Capital Region, Philippines
We are a leading financial services provider committed to making decisions easier and lives better for our customers and colleagues around the world. From our environmental initiatives to our community investments, we lead with values throughout our business. To help us stand out, we help you step up, because when colleagues are healthy, respected and meaningfully challenged, we all thrive. Discover how you can grow your career, make impact and drive real change with our Winning Team today.
Working Arrangement
Hybrid
Job Description
Summary
The DevSecOps Engineer is a multi-faceted security role responsible for the identification, tracking, mitigation, remediation, and verification of security vulnerabilities in applications, systems and infrastructure. The successful candidate will combine their knowledge with strong interpersonal skills to ensure that security risks are effectively identified and appropriately addressed while maintaining a balance between security & usability.
Responsibilities:
Assist software development teams with understanding and remediating automated scan results of software source code as well as penetration testing
Assist the Business Unit Security Officers in the risk assessment process by assessing application risks and providing security recommendations for improved application design or coding
Work with the developers throughout the software engineering lifecycle to ensure compliance with secure software development best practices
Drive adoption of US segment code scanning capabilities and of the DevSecOps pipeline
Develop and deliver Cybersecurity analytics that will allow for data driven decisions.
Deliver regular reporting on initiatives, program progress and key areas of risk.
Develop or acquire targeted training for development teams in secure coding and other security practices
Identify, propose and acquire toolsets to assist with the security assessment process in an Agile and DevOps environment
Qualifications:
Minimum of 3 years in IT
Work experience in application security/vulnerability management
Development and/or security-related experience with web applications, web services, and mobile applications including:
at least 1 of the following core languages: Java, .NET, Python, Angular, NodeJS
Experience working on or closely with development teams in the Software Development Life Cycle (SDLC) using DevOps, Agile and/or waterfall methodologies
Ability to understand and interpret vulnerabilities and communicate business impact and remediation actions to management
Ability to rapidly learn new technologies and business functions
Excellent analytical, presentation, and communication (oral and written) skills to work with technical and non-technical audiences
Results-oriented, high energy, self-motivated
Excellent leadership, teamwork, and client service skills
Security related certifications, such as CISSP, CSSLP, or SANS GIAC, a plus but not required
Scripting experience using Powershell/Python is a plus
Familiarity with DevSecOps Tools, a plus
SNYK, Contrast Security, Fortify, CheckMarx, SonarQube, TeamCity, Github, Docker, Kubernetes
About Manulife and John Hancock
Manulife Financial Corporation is a leading international financial services group that helps people make their decisions easier and lives better. With our global headquarters in Toronto, Canada, we operate as Manulife across our offices in Asia, Canada,…
