Information Security Manager

We are looking for Information Technology (IT) Security Manager who will be directly reporting to Asia Regional Office Security Officer under the Regional Business Unit Security Office of Asia IT Control & Governance function at Manulife Financial Corporation (MFC). The IT Security Manager will serve as Information Security Officer of BUSO Center of Excellence (BUSO CoE) team.

The BUSO CoE sits within the Asia Information Security and Control & Governance function. Its main mission is to support the market Business Unit Security Officer (BUSO) on specialized tasks. The BUSO CoE team works hand in hand with the regional team and the BUSOs in supporting the execution of the technology controls program. Including BAU, process improvement and project related work. In particular, this includes analyzing high risk service request tickets, reviewing alerts, supporting and conducting information security risk assessments and executing, automating and operationalizing core security processes.

The function sits within Manulife’s line 1b of defense – where we align with leadership to set the risk culture, support IT in identifying and mitigating risks at scale, and provide a common view and narrative of key risks to enable business discussions.  

The BUSO CoE helps line 1b business units to ensure uninterrupted BAU on a day-to-day basis by effectively managing their information and operational risks. To achieve this, we need to ensure success in maintaining internal controls and liaison with Manulife’s line 2b of defense that owns Manulife control policies and standards.

Position Responsibilities:

• Conduct operational tasks that could be centralized (or outsourced) from market BUSOs;
• Work with relevant stakeholders and market BUSO to develop standardized approach on processing tasks which aims to operationalize and streamline processes such that CoE team could handle those effectively and consistently;
• Set up general governance for each task (e.g., reporting structure, onboarding/ offboarding toolkit) and engage market BUSO for follow-up / escalation when required
• Perform knowledge transfer /sharing to new members of the team and/or other IT control and governance team members;
• Coordinate with market BUSOs for regular status update;
• Support operational information risk activities and other operational processes.
• Support security program activities in segment level like performing/facilitating application security assessments and providing application security consulting services to IT and other relevant partners and clients.
• Support security program activities in segment level like performing/facilitating application security assessments and providing application security consulting services to IT and other relevant partners and clients.
• Promote the information risk assessment program across Asia Markets.
• Support in the end-to-end management and timely resolution of security incidents, particularly on Data Loss Prevention (DLP) related incidents.

 **People Leader Role: No

Required Qualifications:

• University/College graduate with 3 – 5 years of progressive experience related to Information Security Management and 3+ years as an Information Security Officer.
• Solid background in Information Security Management, Information Security Risk Assessment (both in project and BAU), Security Incident Handling, Access Review, Data Loss Prevention Management and other security processes like incident/crisis management, access management, vulnerability and patch management, as well as operational processes for business continuity and disaster recovery.
• Profound knowledge and understanding of Manulife’s Information Risk Management Framework (Risk Identification and Assessment, Risk Treatment, Risk Monitoring, Sustain and Independent Review), CIA Triad (Confidentiality, Integrity and Availability), Zero-Trust Tolerance.
• Expert in the following technologies: BlueCat Address Manager, JIRA, ServiceNow, Devo, PowerBI, Process Unity, Confluence, Archer.
• Knowledge of latest technology development and financial services / insurance business.
• Self-driven, able to meet objectives with a minimal amount of managerial oversight/supervision.
• Can distill complex issues into simple reports, solutions, and designs.
• A team player who can interact with other control functions on project delivery
• Advocate constant learning from both success and failure, and encourages openness to change and continuous improvement
• Excellent organizational and problem-solving abilities that enable you to manage through creative abrasion
• Proficient in verbal and written communication with the ability to effectively articulate and communicate technical vision, possibilities, and outcomes
• Amenable to work in a hybrid set-up (3x onsite per week)
• Amenable to work in a day shift schedule (may be required to work on mid shift on some occasions, depending on business need)

When you join our team:

• We’ll empower you to learn and grow the career you want. 
• We’ll recognize and support you in a flexible environment where well-being and inclusion are more than just words. 
• As part of our global team, we’ll support you in shaping the future you want to see.

 

** This job description does not represent a comprehensive listing of job duties that are required of the employee performing this role. We reserve the right to change duties or assign additional duties at any time with or without notice.

About Manulife and John Hancock

Manulife Financial Corporation is a leading international financial services provider, helping people make their decisions easier and lives better. To learn more about us, visit https://www.manulife.com/en/about/our-story.html.

Manulife is an Equal Opportunity Employer

At Manulife/John Hancock, we embrace our diversity. We strive to attract, develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention, advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law.

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process, contact hr@manulife.com.

Hybrid