Director, Information Security

Manulife

Manulife is a leading financial services group. We provide financial advice, insurance, as well as wealth and asset management solutions for individuals, groups and institutions.

Join our Group Functions (GF) Technology Management Team!

The role will enable business and IT partners to recognize and handle their cyber and information risk in a dynamic business environment. It will participate in critical projects and initiatives to ensure information risk is always considered, assessed and managed. The role serves as a trusted partner to guide the business and empower them to protect their information assets and intellectual property. It will help securely implement new technologies and tools, foster consistency through common methodologies and stay fully aligned and integrated with cybersecurity and risk management practice.

Responsibilities:

• Perform application, key initiative risk assessments from a technical security and information risk management perspective, this includes risk identification based on information criticality through to control implementation and management of risk acceptance by business areas.
• Provide application and operational security consulting services to IT and global/segment data office partners.
• Maintain among all levels of business line staff a high level of awareness about security issues and control objectives.
• Identify and communicate known information security control issues to business area teams providing guidance (as necessary) and oversight to ensure timely remediation of the issues.
• Provide support to other risk teams as necessary to address high priority risks.
• Support alignment to global information security policies and standards; work with business units and technical teams to implement security policies and processes.
• Actively participate in Global Data Technology security & risk management planning activities to achieve department goals and objectives.
• Actively participate in 1B and 2nd line security and risk management frameworks discussions and workshops to ensure proper monitoring and measuring of Global Data Technology's risk performance and posture.

What we are looking for

• Degree in IT, Cyber Security, or other related field.
• Security Certifications: CRISC, CISM, CISSP and/or CISA, but not mandatory.
• 10+ years’ experience in Information Technology, Cybersecurity or Information Security environment.
• Solid understanding of information systems, cloud technology platforms (Hadoop, Azure Cloud), and operation procedures in accordance with established corporate security standards.
• Experience in application or technology risk and controls assessments using ISO 27002, NIST and COSO framework.
• Previous experience working with IT Risk in a large financial institution or other regulated industries.
• Knowledge of Information Security policies, standards and practices.
• Knowledge of compliance, audit, and privacy policies and regulations.
• Knowledge of cyber security technologies like access control solutions, authentication, network security, cryptography, PCI, privacy, and data classification/protection.
• Excellent organizational skills; strong competencies in collaboration, problem solving and influencing key risk decisions.
• Strong written and verbal communication skills.
• Flexible and adaptable when dealing with change and multiple priorities.
• Positive attitude with the ability to deliver within tight deadlines.
• Collaborate with geographically and culturally diverse multi-functional teams.
• Exceptional interpersonal, relationship management and teamwork skills.

What can we offer you?

• A competitive salary and benefits packages.
• A growth trajectory that extends upward and outward, encouraging you to follow your passions and learn new skills.
• A focus on growing your career path with us.
• Flexible work policies and strong work-life balance.
• Professional development and leadership opportunities.

Our commitment to you

• Values-first culture.
• Boundless opportunity.
• Continuous innovation.
• Delivering the promise of Diversity, Equity and Inclusion.
• Championing Corporate Citizenship.

Manulife is an Equal Opportunity Employer. We embrace our diversity and strive to attract, develop and retain a workforce that is as diverse as the customers we serve. We are committed to fair recruitment, retention, advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of any protected ground.

Primary Location: Toronto, Ontario

Working Arrangement: Hybrid

Salary range is expected to be between $110,530.00 CAD - $205,270.00 CAD.