Senior Manager/Associate Director Information Risk Management
Are you looking for unlimited opportunities to develop and succeed? With work that challenges and makes a difference, within a flexible and supportive environment, we can help our customers achieve their dreams and aspirations. Job Description
The Information Security Management(ISM) Associate Director/Sr Manager role in the Asia ISM team sits in the 2nd line of defense, and is responsible for information risk management assurance work in the Asia segment, in alignment with the mandates and objectives of the Asia segment, as well as Globally. The individual will collaborate and liaise with Country Information Services, Business Units, Global CoE teams and Asia segment stakeholders, participate in the governance structure in order to support the implementation of IRM strategy; and conduct assurance on the IRM activities for the successful implementation of the IRM strategy. The role reports to the Information Security Management(ISM) Lead.
If you are ready to unleash your potential, it's time to start your career with Manulife/John Hancock. About Manulife
- Understand Information Risk Management/Information Security policies and standards and associated security controls especially in the Information Security Management ISM and Technology Risk Management TRM domains.
- Understand organizational capabilities and the gaps in meeting regulations/security trends/policies/standards.
- Provide advisory and guidance on Information Risk, Technology Risk and Regulatory for information services and business.
- Provide consultancy and advisory on IT initiatives and application solutions (processes/technology/architecture) to adhere to policies and procedures.
- Provide consultancy and advisory on threats and vulnerabilities.
- Maintenance and promulgation of the penetration test and vulnerability detection framework. This includes but not limited to the management of the annual penetration tests.
- Provide assurance services on IT security controls functionalities or initiatives e.g. DLP.
- Provides service as Subject Matter Expert for regulatory examinations.
- Conduct 2nd line reviews on the Information Risk Assessments conducted on High Risk initiatives/projects.
- Participate in the enablement of security processes in within methodologies e.g. DevOps, Agile etc.
- Review Security incidents to provide advisory on root cause eradication.
- Provide advisory/assistance to the BUs in the identification of their Risk profile and establishment/maintenance of a Risk Register.
- Provide advisory/assistance to the BUs in the establishment of a Country Information Risk Council for information risk governance.
Manulife Financial Corporation is a leading international financial services group that helps people make their decisions easier and lives better. We operate primarily as John Hancock in the United States and Manulife elsewhere. We provide financial advice, insurance, as well as wealth and asset management solutions for individuals, groups and institutions. At the end of 2018, we had more than 34,000 employees, over 82,000 agents, and thousands of distribution partners, serving almost 28 million customers. As of December 31, 2018, we had over $1.1 trillion (US$794 billion) in assets under management and administration, and in the previous 12 months we made $29.0 billion in payments to our customers.
Our principal operations in Asia, Canada and the United States are where we have served customers for more than 100 years. With our global headquarters in Toronto, Canada, we trade as 'MFC' on the Toronto, New York, and the Philippine stock exchanges and under '945' in Hong Kong.
Manulife is committed to supporting a culture of diversity and accessibility across the organization. It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will consult with applicants contacted to participate at any stage of the recruitment process who request an accommodation. Information received regarding the accommodation needs of applicants will be addressed confidentially.