Associate Manager - Technology Infrastructure Security Audit

Manulife’s Internal Audit team is looking for an expert Associate Manager for their Technology Infrastructure Security Audit team. The Senior Technology Auditor / Associate Manager will participate in planning, execution and reporting for large, complex assurance reviews of all types (key risk audits, emerging risk reviews, program and project audits), to deliver high quality, professional, cost-effective, valuable and risk-based audits.

The main responsibility of the role consists of performing audits over areas such as Information Risk Management, Technology Governance, Cybersecurity, Network Security, Identity and Access Management, Data Center Security, Cloud Security, Architecture Reviews, and Business Continuity / Disaster Recovery.

Key Responsibilities :

1. Understand Information Technology control environment to assess and evaluate the effectiveness and efficiency of internal controls and operating practices;
2. Support multiple simultaneous audit projects to ensure time and quality objectives are met. Timely raise potential budget over-runs and resourcing concerns to Engagement Lead;
3. Complete audit projects to cover key risks and contribute to production of meaningful audit reports that clearly articulate the position on risks and related issues;
4. Assist in performing assessments of technology processes, tools and technologies new to the company;
5. Assist in the development of agendas, audit objectives and scope, test procedures, and requests lists;
6. Clearly communicate potential issues and evaluate corrective action plans;
7. Assist with various internal team / department initiatives.

What we are looking for :

1. Good understanding and experience with testing of IT General Controls;
2. Understanding or working knowledge of cybersecurity concepts such as Security Operations (Vulnerability Management, DLP, SIEM etc.), Security Engineering (Cryptography, Cloud Security, Security Architecture etc.), Identity and Access Management etc.
3. Understanding or working knowledge of Network and Network Security concepts and tools such as Network Access Controls, Intrusion Detection and Prevention, TACACS / Radius (Central authentication), Network Penetration Testing (e.g. red teaming) etc.
4. Understanding or working knowledge of information security controls, infrastructure technology, technology governance and assessments, cybersecurity tools (e.g. Qualys), Splunk, Netskope, Zscaler etc.
5. Solid understanding of other technology infrastructure concepts, processes, and associated risks - such as, Active Directory, Operating System, On-premises Data Center etc.
6. University degree in information systems, or other relevant degree, with 3-5 years of experience in a technology audit / risk management role. CISA, CISSP and / or CISM designation are preferred;
7. Solid understanding or prior experience with information systems and operations used in the insurance industry and financial services industry is preferred;
8. Experience analyzing complex data sets;
9. Ability to quickly comprehend business processes and identify the risk implications, analyze complex situations, reach appropriate conclusions, and make valuable and practical recommendations;
10. Results oriented with a keen focus on quality and delivering value; ability to balance multiple priorities and projects; good attention to detail while retaining focus on the “big picture” and top risks; flexible and organized with the ability to oversee multiple projects concurrently;
11. Excellent influencing, and negotiation skills; professional presence, and influence across different areas and levels of management both in Audit Services and Technology;
12. Demonstrable ability to work effectively in diverse environments and cultures;
13. Highest level of integrity accompanied by strong ethical principles.

What can we offer you?

1. A competitive salary and benefits packages.
2. A growth trajectory that extends upward and outward, encouraging you to follow your passions and learn new skills.
3. A focus on growing your career path with us.
4. Flexible work policies and strong work-life balance.
5. Professional development and leadership opportunities.

Our commitment to you :

1. Values-first culture: We lead with our Values every day and bring them to life together.
2. Boundless opportunity: We create opportunities to learn and grow at every stage of your career.
3. Continuous innovation: We invite you to help redefine the future of financial services.
4. Delivering the promise of Diversity, Equity and Inclusion: We foster an inclusive workplace where everyone thrives.
5. We build a business that benefits all partners and has a positive social and environmental impact.

LI-hybrid

About Manulife and John Hancock

Manulife Financial Corporation is a leading international financial services group that helps people make their decisions easier and lives better. With our global headquarters in Toronto, Canada, we operate as Manulife across our offices in Asia, Canada, and Europe, and primarily as John Hancock in the United States. We provide financial advice, insurance, and wealth and asset management solutions for individuals, groups and institutions. At the end of 2022, we had more than 40,000 employees, over 116,000 agents, and thousands of distribution partners, serving over 34 million customers. At the end of 2022, we had $1.3 trillion (US$1.0 trillion) in assets under management and administration, including total invested assets of $0.4 trillion (US $0.3 trillion), and segregated funds net assets of $0.3 trillion (US$0.3 trillion). We trade as ‘MFC’ on the Toronto, New York, and the Philippine stock exchanges, and under ‘945’ in Hong Kong.

Manulife is an Equal Opportunity Employer.

Salary & Benefits

The annual base salary for this role is listed below.

Primary Location

Salary range is expected to be between

74,270.00 CAD - $137,930.00 CAD

If you are applying for this role outside of the primary location, please contact for the salary range for your location. The actual salary will vary depending on local market conditions, geography and relevant job-related factors such as knowledge, skills, qualifications, experience, and education / training. Employees also have the opportunity to participate in incentive programs and earn incentive compensation tied to business and individual performance.

Manulife offers eligible employees a wide array of customizable benefits, including health, dental, mental health, vision, short- and long-term disability, life and AD&D insurance coverage, adoption / surrogacy and wellness benefits, and employee / family assistance plans. We also offer eligible employees various retirement savings plans (including pension and a global share ownership plan with employer matching contributions) and financial education and counseling resources. Our generous paid time off program in Canada includes holidays, vacation, personal, and sick days, and we offer the full range of statutory leaves of absence. If you are applying for this role in the U.S., please contact for more information about U.S.-specific paid time off provisions.