**The Opportunity** The Lead Security Architect is responsible for supporting projects that apply new and existing technologies and solutions to solve business needs in the cyber security space, for the US business segment. This Architect works with other architects, engineers, technical SMEs, segment security office, operational support staff both within IT, and other business units to provide and maintain solutions that meet business and technical requirements. **This role is an individual contributor role at the Director level.** The Architect will assist in the development of technology roadmaps and documentation related to the IT security domain; act as the subject matter expert in a variety of cyber security domains such as Identity and Access Management (IAM), SIEM integration, IR automation, etc. The Architect will maintain a solid understanding of the entire Information Security landscape for the segment. Ther role presents an unique opportunity to join a team and company whose work will have direct impact on company direction, our customers, and our industry. **Office location: Boston - USA or Toronto - Canada** **Work arrangement: Hybrid - 3 days in office, 2 days from home** **Remote working arrangement option is not available.** **Position Responsibilities:** + Assist in the development of security strategies and implementation roadmaps centered around a Zero-Trust philosophy. + Design security architecture for Security Operations and integration with SIEM (both in-cloud/on-prem). + Develop and support key security solutions in the GRC, SOC, SIEM and IAM space. + Partner with segment security office to define and lead related standards, patterns and drive implementation through processes and automation. + Understand complex modern and legacy integrations and business information models to ensure integrity and a strong security profile. + Developing large enterprise solutions with respect to developing security controls, methods to mitigate security risks. + Participate and lead conceptual, solution, and component-level architectures and associated artifacts. + Support the evaluations of third-party suppliers, products and solutions with a focus on the security aspects of the solutions. + Review, advise, and provide feedback on architectures produced within and outside the team. + Provide consultation and guidance to aligning to global security standards, guidelines, and patterns. + Develop reference architecture and reference implementation patterns related to security solutions. + Participate in internal investigations and incident response events. + Ability to influence security vendors to resolve issues and update roadmaps. + Partner with other architects in IT, enterprise security and services teams in designing and maintaining modern and secure solutions. + Research and evaluate impact of new vulnerabilities, security alerts and threat intelligence. + Stay informed of new security technologies and solutions to assist in the on-going development of the overall security strategy. + Build and maintain relationships with key customer's technical staff members and with internal stakeholders from IT, customer service and field operations. + Promote a corporate culture that is committed to information security best practices. + Function with a high degree of integrity with an ability to keep information confidential. + Be able to provide hands-on configuration and support for the projects and services you are involved in. + Participate in after-hours support as needed to respond to security incidents. **Required Qualifications:** + Bachelor’s Degree preferred, Master’s Degree a plus. + CISSP or other security certifications are a plus. + Minimum of 10+ years of relevant work experience related to cyber security. + **MUST have experience as a Security Architect** + Experience and knowledge of security functions (AuthN, AuthZ, Transport Security, Secure Configuration, Data validation/sanitizations, security exceptions logging) + Knowledge of Vault capabilities and Security Incident and Event management systems + Experience with Threat modeling and secure testing methodologies. + Experience with Cloud Native (12-Factor) Architecture and Infrastructure Patterns. + **Solution architecture support for all segment initiatives from end-to-end security perspective.** + **Security architecture roadmap and maturity for the segment - current state to target state.** + **Contribution to security best practices, patterns, principles for the segment and represent the same in global communities.** + Proficient across multiple operating systems such as Microsoft, Apple and Linux. + Fundamental understanding of network protocols and network security concepts. + Familiarity with Cloud (SaaS, IaaS, PaaS) environments and best practices for securing these environments with experience in Azure, AWS or GCP. + Familiarity with incident response tools and digital forensics concepts preferred. + Knowledge of industry frameworks such as NIST. + Strong knowledge and experience with devSecOps principles, patterns. + Detail-oriented with strong conceptual, analytical, problem solving, decision making and planning skills. + Must have the ability to utilize application, scripting and operating system commands to configure, debug, and monitor large scale production systems. + Knowledge of modern software development lifecycles, including Agile and iterative development. + Excellent written and oral communication skills; and demonstrated ability to interact with technical, non-technical, and business members of the organization. + Ability to accurately interpret business direction and clarify technology's alignment with stakeholder needs. **_When you join our team:_** + We’ll empower you to learn and grow the career you want. + We’ll recognize and support you in a flexible environment where well-being and inclusion are more than just words. + As part of our global team, we’ll support you in shaping the future you want to see. \#LI-JH **Acerca de Manulife y John Hancock** Manulife Financial Corporation es un importante proveedor internacional de servicios financieros que ayuda a las personas a tomar decisiones de una manera más fácil y a vivir mejor. Para obtener más información acerca de nosotros, visite http://www.manulife.com . **Manulife es un empleador que ofrece igualdad de oportunidades** En Manulife/John Hancock, valoramos nuestra diversidad. Nos esforzamos por atraer, formar y retener una fuerza laboral tan diversa como los clientes a los que prestamos servicios, y para fomentar un entorno laboral inclusivo en el que se aprovechen las fortalezas de las culturas y las personas. Estamos comprometidos con la equidad en las contrataciones, la retención de talento, el ascenso y la remuneración, y administramos todas nuestras prácticas y programas sin discriminación por motivos de raza, ascendencia, lugar de origen, color, origen étnico, ciudadanía, religión o creencias religiosas, credo, sexo (incluyendo el embarazo y las afecciones relacionadas con este), orientación sexual, características genéticas, condición de veterano, identidad de género, expresión de género, edad, estado civil, estatus familiar, discapacidad, o cualquier otro aspecto protegido por la ley vigente. Nuestra prioridad es eliminar las barreras para garantizar la igualdad de acceso al empleo. Un representante de Recursos Humanos trabajará con los solicitantes que requieran una adaptación razonable durante el proceso de solicitud. Toda la información que se haya compartido durante el proceso de solicitud de adaptación se almacenará y utilizará de manera congruente con las leyes y las políticas de Manulife/John Hancock correspondientes. Para solicitar una adaptación razonable en el proceso de solicitud, envíenos un mensaje a recruitment@manulife.com . **Ubicación principal** Boston, Massachusetts **Semana de Trabajo Comprimida** Híbrido **Se prevé que el rango salarial esté entre** $124,250.00 USD - $230,750.00 USD Si se está postulando para este puesto fuera de la ubicación principal, póngase en contacto con recruitment@manulife.com para conocer el rango salarial de su ubicación. El salario real variará según las condiciones locales del mercado, la geografía y los factores relacionados con el trabajo pertinentes, como conocimiento, habilidades, calificaciones, experiencia y educación/capacitación. Los empleados también tienen la oportunidad de participar en programas de incentivos y obtener una compensación de incentivos vinculada al desempeño comercial e individual. Manulife/John Hancock ofrece a los empleados aptos una amplia variedad de beneficios personalizables, entre ellos, beneficios de salud, odontológicos, de salud mental, oftalmológicos, por discapacidad a corto y a largo plazo, cobertura de seguro de vida y por muerte accidental y desmembramiento, adopción/subrogación y bienestar, y planes de asistencia al empleado/familiar. También ofrecemos a los empleados admisibles varios planes de ahorro para la jubilación (incluidos planes de ahorro 401(k) o de pensiones y un plan mundial de propiedad de acciones con contribuciones equivalentes del empleador) y recursos de asesoramiento y educación financiera. Nuestro generoso programa de días libres pagos en EE. UU. contempla hasta 11 días festivos, 3 días personales, 150 horas de vacaciones y 40 horas de licencia por enfermedad (o más cuando lo exija la ley) por año, y ofrecemos todos los tipos de licencias contempladas por la ley. **Conozca sus derechos (https://www.dol.gov/agencies/ofccp/posters)** **Permiso Familiar y Médico** **Ley de Protección del Empleado contra el Examen Poligráfico (https://www.dol.gov/sites/dolgov/files/WHD/legacy/files/eppac.pdf)** **Derecho al Trabajo** **Verificación Electrónica (E-** **Verify** **)** **Transparencia Salarial (https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp\_%20English\_formattedESQA508c.pdf)** Company: John Hancock Life Insurance Company (U.S.A.)