Responsibilities:
Continuously evaluate and communicate information security, data privacy, and compliance risks through Information Risk Assessments on applications and projects.Perform periodic identity and access management reviews.Develop and deliver information risk/security/privacy awareness and compliance training programs.Develop, refine, and implement company-wide security policies, procedures, and standards to meet compliance responsibilities.Work with auditors, operations teams, and project delivery teams to conduct key risk audits.Monitor compliance with security policies, standards, guidelines, and procedures.Report to management findings concerning residual risk, vulnerabilities, and other security exposures, including misuse of information assets and noncompliance.Lead and review security risk assessments for third-party software development teams use or embedded in project deliverables.Provide information risk/security support for development projects to ensure that security issues detected by security testing tools are addressed throughout the software development life cycle.Participate actively in security investigations and internal compliance reviews.Knowledge/Skills/Competencies/Education:
University graduate with a minimum of 5 years of experience or more in related technology risk or information security.Working knowledge of security issues, techniques, and remediation across computer platforms.Experience in the following security domains:Risk and Control AssessmentIdentity and Access ManagementAsset Management and SecuritySecurity OperationsApplication securityISO 27000 ISMS implementation or audit (optional)Exposure to IT control testing, web application development and/or systems administration is a plus.Strong interpersonal skills, including sensitivity and professionalism when communicating across geographical and cultural boundaries.Effective influencing and negotiation skills with the aptitude to achieve consensus in a federated environment.Strong stakeholder and people management skills; able to effectively articulate technical vision, possibilities, and outcomes through strong verbal and written communication.Strong technology background and risk management sense and understanding of how they can impact the business.Strong analytical skills, teamwork capability, and ability to work independently.Good interpersonal communication, management, and presentation skillsA team player who can interact with other control functions on project delivery.Security certifications like CC, Sec+, CISA is a plus.When you join our team:
We’ll empower you to learn and grow the career you want.
We’ll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
As part of our global team, we’ll support you in shaping the future you want to see.
How will you create impact?
The role will report to the Information Security Manager.
What motivates you?
What can we offer you?
A competitive salary and benefits packages.A growth trajectory that extends upward and outward, encouraging you to follow your passions and learn new skills.A focus on growing your career path with us.Flexible work policies and strong work-life balance.Professional development and leadership opportunities.
Our commitment to you
We lead with our Values every day and bring them to life together.Boundless opportunity
We create opportunities to learn and grow at every stage of your career.Continuous innovation
We invite you to help redefine the future of financial services.Delivering the promise of Diversity, Equity and Inclusion
We foster an inclusive workplace where everyone thrives.Championing Corporate Citizenship
We build a business that benefits all stakeholders and has a positive social and environmental impact.
About Manulife and John Hancock
Manulife Financial Corporation is a leading international financial services provider, helping people make their decisions easier and lives better. To learn more about us, visit https://www.manulife.com/en/about/our-story.html.
Manulife is an Equal Opportunity Employer
At Manulife/John Hancock, we embrace our diversity. We strive to attract, develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention, advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law.
It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process, contact recruitment@manulife.com.
Working Arrangement
Hybrid