_We are looking for_ **_Application Security Engineer (Threat Modeling)_** _who will be directly reporting to the Manulife ETS Cyber Assessment Application Security Team. Our group is consisting of highly motivated and experienced professionals and is composed of members located across different Manulife locations such as Manila and North America. As part of the ETS Global Cyber Security, we are responsible for the practice of identifying, classifying, monitoring, remediating and/or mitigating security vulnerabilities on applications, network and APIs across the organization._ _Have the skills and experience for the job? Learn more about it below!_ **Position Responsibilities:** + **Strategic Cybersecurity** : Contribute to the strategic guidance on the design of cybersecurity measures for complex systems and networks, incorporating product security strategies such as design principles and security architecture. + **Security Review** : Perform and coordinate in-depth security reviews, pinpoint potential vulnerabilities, and suggest all-encompassing remediation strategies by utilizing threat modeling methodologies and threat assessment frameworks. + **Security Insights** : Provide sound analysis on the security implications of introducing new systems or interfaces within our ecosystem, based on application security best practices, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA) implementation. + **Security Architecture Evaluation** : Assess proposed security architectures and designs to ensure they are equipped to meet both current and future security needs. This involves reviewing data flow diagrams for applications/system architectures and identifying potential threats as part of the threat modeling process. **Required Qualifications:** + University/College graduate with at least 2 years of experience related to Application Security and Threat Modeling. + Must have background in application development / technology management. + Good experience in application security architecture. + Comprehensive understanding of security principles and their business implications. + Broad knowledge of networking concepts. + Good background in secure software development methodologies + Familiarity with various application security testing approaches and implementation. + Understanding of penetration testing concepts. + **_Amenable to work UP Ayala Technohub (Quezon City)_** + **_Amenable to work on a hybrid set-up (3x a week onsite)_** + **_Amenable to work on a fixed late mid shift / night shift schedule_** **Must Have / Preferred Qualifications:** + Knowledge of industry trends, regulatory requirements, and their impact on security architecture. + Advocate constant learning from both success and failure, and encourages openness to change and continuous improvement. + Recognizable organizational and problem-solving abilities that enable you to manage through creative abrasion. + Proven stakeholder management skills and able to effectively articulate risk posture, technical vision, possibilities, and outcomes through strong verbal and written communication. + Self-driven, able to meet objectives with a minimal amount of managerial oversight/supervision. **When you join our team:** + We’ll empower you to learn and grow the career you want. + We’ll recognize and support you in a flexible environment where well-being and inclusion are more than just words. + As part of our global team, we’ll support you in shaping the future you want to see. **Acerca de Manulife y John Hancock** Manulife Financial Corporation es un importante proveedor internacional de servicios financieros que ayuda a las personas a tomar decisiones de una manera más fácil y a vivir mejor. Para obtener más información acerca de nosotros, visite http://www.manulife.com . **Manulife es un empleador que ofrece igualdad de oportunidades** En Manulife/John Hancock, valoramos nuestra diversidad. Nos esforzamos por atraer, formar y retener una fuerza laboral tan diversa como los clientes a los que prestamos servicios, y para fomentar un entorno laboral inclusivo en el que se aprovechen las fortalezas de las culturas y las personas. Estamos comprometidos con la equidad en las contrataciones, la retención de talento, el ascenso y la remuneración, y administramos todas nuestras prácticas y programas sin discriminación por motivos de raza, ascendencia, lugar de origen, color, origen étnico, ciudadanía, religión o creencias religiosas, credo, sexo (incluyendo el embarazo y las afecciones relacionadas con este), orientación sexual, características genéticas, condición de veterano, identidad de género, expresión de género, edad, estado civil, estatus familiar, discapacidad, o cualquier otro aspecto protegido por la ley vigente. Nuestra prioridad es eliminar las barreras para garantizar la igualdad de acceso al empleo. Un representante de Recursos Humanos trabajará con los solicitantes que requieran una adaptación razonable durante el proceso de solicitud. Toda la información que se haya compartido durante el proceso de solicitud de adaptación se almacenará y utilizará de manera congruente con las leyes y las políticas de Manulife/John Hancock correspondientes. Para solicitar una adaptación razonable en el proceso de solicitud, envíenos un mensaje a recruitment@manulife.com . **Modalidades de Trabajo** Híbrido