Senior Manager Information Security Standardization

Company: John Hancock
Location: Ontario
Posted on: January 5, 2022

Job Description:

Are you looking for a supportive, collaborative workplace with great teams and inspiring leaders? You've come to the right place. We're looking for ambitious people who share our values and want to make every day better for people around the world. If this sounds like you, and the career below sounds exciting, we'd like to hear from you.Job DescriptionThe Senior Manager Information Security Standardization is a broadly scoped and highly leveraged role, requiring leadership, strategic mindset, risk assurance and control testing deep expertise combined with strong collaboration, organization, and execution skills.The 2nd line Global Information Risk Management (GIRM) group is standing up an Assurance program to ensure comprehensive, consistent, and rigorous challenge function.-- This Assurance Program will be designed to continue maturing our Manulife 2nd line capabilities so that the critical operating and other issues are identified and remediated on a timely basis and meet OSFI and the related regulatory expectations.This Assurance Program will stand up a 2nd line GIRM Assurance center of excellence (COE), which will standardize the GIRM assurance processes, centralize the related capabilities and resources/People, drive an expansion of the GIRM assurance coverage, and accelerate the automation and support ongoing monitoring future goal.The incumbent will support the Assurance Program and the design of this COE's target operating model. This role will focus on the assurance processes standardization, automation and the assurance overage expansion strategy and roadmap.The Senior Manager, GIRM Assurance Program will report to the Director, GIRM Assurance COE within the 2nd LOD risk organization.Key Responsibilities: Lead the process standardization by establishing and socializing the design and standardization of Assurance COE processes, templates, and tools.Identify and document process automation capabilities, including identifying opportunities for automation, gathering requirements, designing automation, and coordinating with data owners to ensure the availability of data for automation.Design and document the Control Testing sampling methodology.Design and document the COE Control testing and monitoring process.Work with Internal Audit Services and outside consultants to perform independent assessments and perform sample controls testing if required.Support the COE Target operating model design and rollout.Advocate for a strong information risk culture.Stay abreast with evolving information and technology risks, new regulations, laws and requirements for information risk, information security, cybersecurity, information protection and privacy across jurisdictions and overseeing company compliance with as required.Work with information risk teams globally to ensure compliance with Global Information Risk Management processes, procedures, policies, standards, templates, and guidelines.Work with the management to ensure their informed consent and understanding of risk treatments and acceptances.Maintain and foster enduring relationships with internal stakeholders and peers.Job Requirements (Experience/Knowledge/Skills):Minimum 6 years--of progressive leadership in the areas of--Assurance and Control testing, Information Security, Business Resiliency, and Technology Risk.Proven experience in Process improvement and design.Previous audit or 2nd line oversight and assurance experience.--Previous risk advisory consulting experience is preferred.Strong understanding of related best practices and relevant industry framework.Sound knowledge of best practices of various aspects of information risk management and prior experience as a leader in Information Risk.Strong communication skills and ability to explain highly technical information for non-technologists including executives.Strong competencies in collaboration, problem solving and influencing key risk decisionsKnowledge of the regulatory environments in the U.S. and CanadaUniversity degree (Computer Science or related discipline preferred)Recognized professional designations in Information Security, Audit and Business Continuity (e.g. CISSP, CISA, CRISC, FAIR, MBCP)Competencies:Strong communication, consulting, and influencing skillsProblem solving, analytical, innovative, and strategic thinkerStrong stakeholder management and alignment skillsStrong presentation and facilitation skills to all levels and audiencesAbility to develop and maintain strong relationshipsStrong team player (collaborative)Strong time management and organizational skills to manage multiple tasks and changing prioritiesKey Leadership Behaviors:Strategic and innovative problem solvingPresentation skillsCollaborationAccountabilityEvery career at Manulife/John Hancock provides the opportunity to learn new skills and move your career forward. Ready to make an impact somewhere? What are you waiting for? Apply today.About John Hancock and Manulife John Hancock is a unit of Manulife Financial Corporation, a leading international financial services group that helps people make their decisions easier and lives better. We operate primarily as John Hancock in the United States, and Manulife globally, including Canada, Asia and Europe. We provide financial advice, insurance and wealth and asset management solutions for individuals, groups and institutions. Assets under management and administration by Manulife and its subsidiaries were CAD$1.3 trillion (US$1.1 trillion) as of June 30, 2021. Manulife Financial Corporation trades as MFC on the TSX, NYSE, and PSE, and under 945 on the SEHK. Manulife can be found at manulife.com.One of the largest life insurers in the United States, John Hancock supports more than 10 million Americans with a broad range of financial products, including life insurance, annuities, investments, 401(k) plans, and education savings plans. Additional information about John Hancock may be found at johnhancock.com.Manulife is an Equal Opportunity EmployerAt Manulife/John--Hancock, we embrace our diversity. We strive to attract,--develop--and--retain--a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention,--advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin,--colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law.--It is our priority to remove barriers to--provide--equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process.--All information shared during the accommodation request process will be stored and used in a manner that is consistent with--applicable laws and Manulife/John Hancock policies.--To request a reasonable accommodation in the application process, contact recruitment@manulife.com.Job InfoType: Full timeLocation: Toronto, Ontario

Keywords: John Hancock, Ontario , Senior Manager Information Security Standardization, Executive , Ontario, California