Senior Red Team Operator

You are as unique as your background, experience and point of view. Here, you'll be encouraged, empowered and challenged to be your best self. You'll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you. Your leaders will inspire and help you reach your potential and soar to new heights. Every day, you'll have new and exciting opportunities to make life brighter for our Clients - who are at the heart of everything we do. Discover how you can make a difference in the lives of individuals, families and communities around the world. Job Description: Position Summary: The primary objectives for the Information Security team are to protect confidential and sensitive information and to maintain operational stability resulting from cyber-attacks. Offensive Security (Red Team) members contribute to these objectives by performing assessments that proactively identify security exposures within the Sun Life environment that go beyond the realm of traditional penetration testing. A successful senior red team operator, specializing in offensive security, must possess a diverse set of competencies to effectively simulate cyberattacks and identify vulnerabilities within an organization's systems. Firstly, a deep understanding of various attack vectors and techniques is essential, including knowledge of malware, social engineering, and exploit development. Additionally, proficiency in network and application penetration testing is crucial for identifying weaknesses in infrastructure and software. Strong analytical skills are necessary to assess risks and prioritize targets accurately. Effective communication skills are vital for conveying findings and recommendations to stakeholders. Finally, adaptability and creativity are indispensable traits for devising innovative attack strategies and staying ahead of evolving threats in the cybersecurity landscape. What you will do The essential functions and responsibilities of this position include but are not limited to the following: Offensive Security Program Ownership Own the end to end offensive security lifecycle, including planning, scoping, scheduling, execution oversight, reporting, remediation tracking, and closure Define and continuously improve offensive security processes, playbooks, standards, and engagement models Ensure offensive security activities align with enterprise risk priorities, threat intelligence, and regulatory expectations Planning, Scheduling & Coordination Lead annual and quarterly offensive security planning, ensuring coverage across critical assets, applications, and business services Coordinate schedules for Red Team exercises, adversary emulation, purple team activities, and third party engagements Act as the single point of orchestration between Red Team operators, detection/defensive teams, engineering partners, and external vendors Delivery Oversight (Red & Purple Team) Provide delivery oversight for Red Team assessments, adversary emulation exercises, and detection validation activities Ensure engagements are executed in accordance with approved rules of engagement, legal, operational, and risk constraints Support Purple Team exercises by ensuring findings are actionable and mapped to detection and response improvements (e.g., MITRE ATT&CK) Remediation Tracking & Issue Management Own the lifecycle tracking of offensive security findings from identification through remediation and validation Partner with technology and engineering teams to ensure clear ownership, prioritization, and timelines for remediation Track exceptions, compensating controls, and deferred risks in line with enterprise risk processes Validate closure of issues through retesting or evidence based assurance Audit & Assurance Facilitation Act as the primary point of contact for audit, regulatory, and assurance activities related to offensive security Prepare evidence, artifacts, walkthroughs, and responses for internal audit, external audit, and regulatory reviews Ensure offensive security activities are defensible, repeatable, and well documented Advisory & Stakeholder Engagement Provide advisory support to application, infrastructure, and platform teams on secure design and threat exposure Influence upstream risk reduction by advising on patterns observed through offensive testing Build strong working relationships across security, engineering, IT operations, and risk teams Program Maturity & Continuous Improvement Identify opportunities to improve efficiency, coverage, and impact of offensive security activities Incorporate lessons learned, emerging threats, and control gaps into future plans Support capability uplift across offensive security, detection engineering, and vulnerability management Position Requirements and Qualifications: 5-7 years' experience in operational Cyber Security roles University degree in computer science, computer engineering or computer security. A strong understanding of information security concepts and security trends and practices Problem solving with creative solutions. Maintain high technical knowledge of systems and solutions. Industry certifications (SANS/CEH/CISSP) are a strong asset. Strong communication and presentation skills Preferred knowledge or qualifications in the following: Defense in depth security concepts including CISA, MITRE, NIST, TIBAS, CREST, I-CRT, TIBER-EU frameworks. Service Now Confluence Job Category: IT - Technology Services Posting End Date: 10/07/2026 Shine together At Sun Life, you can be your most brilliant self. Our supportive, flexible, and inclusive work environment is one where you - and your career - can thrive. Whatever your aspirations, collaborative leaders and colleagues are ready to help you learn, grow, and succeed. Make life brighter We're a global company with a passion for people. Our purpose is to help Clients achieve lifetime financial security and live healthier lives. As a team of 30,000 across 26 countries, our impact is far-reaching, and locally relevant There's power in numbers. As part of Sun Life's growing team, you have an impact on people in your community and around the world. Shape the future With an optimistic eye on a brighter future, we drive to innovate. Be part of leading change, push boundaries and try new ways of working. Use data to drive bold actions. Be agile and pivot as we test and learn. At Sun Life, we're driving transformation, sustainability and innovation for our Clients, employees, partners, and communities. Join us. Together, we can make the future brighter.Join a top employer for a brighter future. Visit