We are a leading financial services provider committed to making decisions easier and lives better for our customers and colleagues around the world. From our environmental initiatives to our community investments, we lead with values throughout our business. To help us stand out, we help you step up, because when colleagues are healthy, respected and meaningfully challenged, we all thrive. Discover how you can grow your career, make impact and drive real change with our Winning Team today. 

Working Arrangement

Hybrid

Job Description

The opportunity

Job Description:

The incumbent will review, analyze, and architect Zero Trust security configurations, designs, and solutions. apply threat modeling techniques for developing custom-tailored Zero-Trust controls that apply to secure design and architecture methodologies for network, data, and application deployments and work to infuse Zero Trust design principles across all pillars in a Zero Trust model. You will support enterprise-wide, end-to-end Zero Trust architecture projects involving cutting-edge technologies and concepts. You will help consult on Zero Trust security technologies, tools, and techniques and communicate the complexities of security with a wide variety of audiences, including senior management.

Additional job duties will include:

Working with the Network engineering team and voice team, embed network security controls into network, network security and voice service solutions.Design/review cloud network security architecture for new data centers.Define or review security hardening standards for various infrastructure technologies. Review effectiveness of hardening compliance checks.Classify subnets into zones and subzones for network security policy enforcement.Assist implementation of new zero trust micro-segmentation solutions such as defining use cases, trust zones, defining policies, approving exceptions.Working with the project risk assessor and the project team, proactively identify security risks in infrastructure design and implementation projects.Review and document current system security measures and recommend enhancements.Establish and automate a process for annual review of firewall rule and cloud network security ACLs.Lead network security remediation projects.Enhance micro-segmentation for cloud network.Design automated process for continuous monitoring of network security.Review, assess vulnerabilities affecting network and voice systems managed by the network team.Perform annual RCSA exercise with the network team to check compliance with all security standards across all products.Provide oversight and guidance to the network team to measure if all expected security controls are established and operated effectively.Be a facilitator in network security audit.Respond to regulatory inquires on network security matters.

Required Skills / Competencies:

Undergraduate degree in computer science or engineering.Information security (CISSP, CISM, SANS) and auditing (CISA) designations.A minimum of 10 years of experience in progressively responsible IT security roles.Broad knowledge of security architecture and controls in various infrastructure platforms (e.g. hosting networking, end user technology, cloud computing including Infrastructure as a Service (IaaS) and Platform as a Service (PaaS).In-depth knowledge and experiences on network security aspect of zero-trust strategy and its implementation.In-depth knowledge and experiences on networks security related processes and controls, products, features, especially on cloud network security.Ability to challenge the status quo, assess business risk and make appropriate decisions.  Ability to deal with a constantly changing environment and the diverse and complex issues associated with it.Good understanding of IT Governance and Risk ManagementDemonstrate professionalism and a positive attitude in difficult situations, and ability to work effectively with any organizational politics.Collaborating with management to obtain a consensus on establishing the problem, risks exposure, and corresponding recommendation to resolve the risk exposure.Excellent skills required for interacting with cross functional teams in different locations.  Demonstrated ability to work effectively in diverse environments and cultures, across a number of office locations.Well-developed impact and influence skills.Track record of building strong relationships across business functions.Ability to act with integrity and independence is at the core of information risk management.Excellent customer focus and commitment to quality.Ability to effectively communicate ideas and recommendations orally and in writing, at Division and Corporate levels, and to listen and consider ideas of others.  Able to communicate in non-technical terms in a clear and concise manner.Ability to quickly understand technical processes and their risk implications, analyze complex situations, reach appropriate conclusions, make value-added and practical recommendations and influence management to take appropriate actions on recommendations.   Ability to understand the business impact of information risk management issues.Demonstrated ability to deal effectively with staff at all levels from engineers to AVPs.Ability to manage multiple tasks for multiple stakeholders which will need to be prioritized.  Results oriented; ability to balance multiple priorities and projects.Ability to work with teams in Eastern Time zone, i.e. evening meetings occasionally.Prioritization and time management in a multi-tasking environment; meeting commitments while maintaining flexibility to meet changing priorities.

What motivates you?

You obsess about customers, listen, engage and act for their benefit.You think big, with curiosity to discover ways to use your agile approach and enable business outcomes.You thrive in teams and enjoy getting things done together.You take ownership and build solutions, focusing on what matters.You do what is right, work with integrity and speak up.You share your humanity, helping us build a diverse and inclusive work environment for everyone.

What can we offer you?

A competitive salary and benefits packages.A growth trajectory that extends upward and outward, encouraging you to follow your passions and learn new skills.A focus on growing your career path with us.Flexible work policies and strong work-life balance.Professional development and leadership opportunities.

Our commitment to you

Values-first culture
We lead with our Values every day and bring them to life together.Boundless opportunity
We create opportunities to learn and grow at every stage of your career.Continuous innovation
We invite you to help redefine the future of financial services.Delivering the promise of Diversity, Equity and Inclusion
We foster an inclusive workplace where everyone thrives.Championing Corporate Citizenship
We build a business that benefits all stakeholders and has a positive social and environmental impact.

About Manulife and John Hancock

Manulife Financial Corporation is a leading international financial services group that helps people make their decisions easier and lives better. With our global headquarters in Toronto, Canada, we operate as Manulife across our offices in Asia, Canada, and Europe, and primarily as John Hancock in the United States. We provide financial advice, insurance, and wealth and asset management solutions for individuals, groups and institutions. At the end of 2022, we had more than 40,000 employees, over 116,000 agents, and thousands of distribution partners, serving over 34 million customers. At the end of 2022, we had $1.3 trillion (US$1.0 trillion) in assets under management and administration, including total invested assets of $0.4 trillion (US $0.3 trillion), and segregated funds net assets of $0.3 trillion (US$0.3 trillion). We trade as ‘MFC’ on the Toronto, New York, and the Philippine stock exchanges, and under ‘945’ in Hong Kong.

Manulife is an Equal Opportunity Employer

At Manulife/John Hancock, we embrace our diversity. We strive to attract, develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention, advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law. 

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process, contact recruitment@manulife.com.