Job Description

We are a leading financial services provider committed to making decisions easier and lives better for our customers and colleagues around the world. From our environmental initiatives to our community investments, we lead with values throughout our business. To help us stand out, we help you step up, because when colleagues are healthy, respected and meaningfully challenged, we all thrive. Discover how you can grow your career, make impact and drive real change with our Winning Team today.

Working Arrangement

Hybrid



The opportunity

Manulife is looking for a Senior IT Governance, Risk and Compliance Analyst responsible for the day-to-day operation of the Global Cybersecurity Technology Hardening Practices program. The Senior Analyst reviews and documents the key risk and security hardening controls (Configuration Management) in the risk and Control inventory. As part of the responsibilities, the Senior Analyst identifies security control gaps and proposes corrective action plans to solve the non-compliance issues. He / She ensures that appropriate control monitoring and testing is performed. He / She also provides the monitoring and timely reporting of reportable events and incidents during the business period. Furthermore, the Senior Analyst will work with the Cybersecurity team to review all reportable events, incidents, CAPs, and issues and reconsolidate accordingly.

Work arrangement: Hybrid

Duties Include:

Review recommendations and weaknesses in vulnerability tools and take a risk-based approach to remediate them.

Collaborating with management and stakeholders to obtain a consensus on establishing the problem, risk exposure, and corresponding recommendations to resolve the risk exposure.

Understand technical hardening requirements for Operating Systems, Databases, middleware, network devices, and Azure cloud technologies)

Review the risk exception/exemption request and create risk assessment documents for the stakeholders.

Monitor and ensure compliance with relevant security regulations and standards.

Prepare and deliver regular security reports to senior management and stakeholders.

Qualification and skills (must have):

Undergraduate computer science or engineering degree

Must have at least 8+ years of IT industry experience.

A minimum of 3+ years of experience in progressively responsible Cybersecurity roles.

Broad knowledge of security architecture and security controls in various infrastructure platforms (e.g., Windows, Unix Operating Systems, networking, end-user technology, and cloud computing, including infrastructure as a service (IaaS) and Platform as a Service (PaaS).

Must have Qualys Configuration management and Prisma Cloud experience.

In-depth knowledge and experience in network and infrastructure security-related processes, controls, products, and features, especially in cloud network security.

Collaborating with management and stakeholders to obtain a consensus on establishing the problem, risk exposure, and corresponding recommendations to resolve the risk exposure.

Information Security (CISSP, CISM, SANS) and auditing (CISA) designations are highly desirable

Nice to have:

Good understanding of IT Governance and Risk Management.

Knowledge of audit methodologies, control frameworks and risk management practices.

Proficient in Archer GRC and MS Offices (Excel, PowerPoint, Word).

Prior experience with PowerBI and other risk management tools.

About Manulife and John Hancock

Manulife Financial Corporation is a leading international financial services group that helps people make their decisions easier and lives better. With our global headquarters in Toronto, Canada, we operate as Manulife across our offices in Asia, Canada, and Europe, and primarily as John Hancock in the United States. We provide financial advice, insurance, and wealth and asset management solutions for individuals, groups and institutions. At the end of 2022, we had more than 40,000 employees, over 116,000 agents, and thousands of distribution partners, serving over 34 million customers. At the end of 2022, we had $1.3 trillion (US$1.0 trillion) in assets under management and administration, including total invested assets of $0.4 trillion (US $0.3 trillion), and segregated funds net assets of $0.3 trillion (US$0.3 trillion). We trade as \xe2\x80\x98MFC\xe2\x80\x99 on the Toronto, New York, and the Philippine stock exchanges, and under \xe2\x80\x98945\xe2\x80\x99 in Hong Kong.

Manulife is an Equal Opportunity Employer

At Manulife/John Hancock, we embrace our diversity. We strive to attract, develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention, advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law.

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process, contact .

Salary & Benefits

The annual base salary for this role is listed below.

Primary Location Toronto, Ontario

Salary range is expected to be between $92,190.00 CAD - $171,210.00 CAD

If you are applying for this role outside of the primary location, please contact for the salary range for your location. The actual salary will vary depending on local market conditions, geography and relevant job-related factors such as knowledge, skills, qualifications, experience, and education/training. Employees also have the opportunity to participate in incentive programs and earn incentive compensation tied to business and individual performance.

Manulife offers eligible employees a wide array of customizable benefits, including health, dental, mental health, vision, short- and long-term disability, life and AD&D insurance coverage, adoption/surrogacy and wellness benefits, and employee/family assistance plans. We also offer eligible employees various retirement savings plans (including pension and a global share ownership plan with employer matching contributions) and financial education and counseling resources. Our generous paid time off program in Canada includes holidays, vacation, personal, and sick days, and we offer the full range of statutory leaves of absence. If you are applying for this role in the U.S., please contact for more information about U.S.-specific paid time off provisions.

Manulife