Information Risk Management Senior Specialist

Posted:
8/28/2024, 5:00:00 PM

Location(s):
Toronto, Ontario, Canada ⋅ Ontario, Canada

Experience Level(s):
Senior

Field(s):
IT & Security

We are a leading financial services provider committed to making decisions easier and lives better for our customers and colleagues around the world. From our environmental initiatives to our community investments, we lead with values throughout our business. To help us stand out, we help you step up, because when colleagues are healthy, respected and meaningfully challenged, we all thrive. Discover how you can grow your career, make impact and drive real change with our Winning Team today. 

Working Arrangement

Hybrid

Job Description

The opportunity

The Group Functions IT Information Security and Business Resilience Team is actively searching for an experienced Information Risk Management Senior Specialist, to be responsible for applying identity access security risk knowledge and expertise to assist with IT information security First Line of Defense activities, thereby strengthening Manulife's corporate segment information security posture and ensuring regulatory compliance.

We are seeking an expert in providing comprehensive Identity Access Management services, including offering guidance and advice to enhance our security framework, with the ability to ensure successful implementation and delivery of IAM programs.

Responsibilities

  • Enable your business and IT partners in Manulife’s Corporate Segment (Group Functions) to recognize and manage their information and access risks in an ambitious and dynamic business environment.

  • You’ll participate in key projects and initiatives ensuring information and access risks are always considered.

  • Domain expert who assists business partners and IT colleagues identify and address their information & access security risks by performing access security baseline review for project set up and ensuring that regular access reviews are done moving forward.

  • Provide governance to ensure controls are in place in relation to our Identity and Access Management Standard.

  • Ensure that access to applications, data and information are authorized and reviewed on a regular basis. You’ll promote the importance of access security throughout the organization helping to secure company applications and valued company information. 

  • Perform Access Security Baseline reviews to ensure that accesses to application and data are reviewed and signed off prior Production deployment.  

  • Ensure Separation of Duties (SOD) are implemented in application, infrastructure, and data accesses to prevent unauthorized accesses and activities.

  • Work together with Business and Application Support team members to understand the access framework of their applications and onboard these applications to be reviewed on an automated and regulated frequency.

  • Assist in performing access review validation activities to ensure data integrity and accuracy of Access reviews.

  • Provide application access security consulting services to IT and other team members.

  • Support operational security activities including oversight of ongoing segment specific access security processes (e.g., incident response, audit support, ad hoc queries, periodic access reviews)

  • Highlight gaps and areas for improvement to increase security, and strengthen risk and control posture

  • Assist in ensuring partners are advised and compliant to new and existing controls.

  • Stay informed on emerging technologies, key business drivers, evolving threats and opportunities from both the business and within information access security field.  

How will you create impact?

This role supports Manulife and the Group Functions segment in achieving business objectives, protecting information assets and personnel, and maintaining compliance with regulatory and risk management requirements. You’ll be a critical resource in the overall protection of the organization’s information assets.

What motivates you?

  • You obsess about customers, listen, engage and act for their benefit.

  • You think big, with curiosity to discover ways to use your agile approach and enable business outcomes.

  • You thrive in teams and enjoy getting things done together.

  • You take ownership and build solutions, focusing on what matters.

  • You do what is right, work with integrity and speak up.

  • You share your humanity, helping us build a diverse and inclusive work environment for everyone.


What we are looking for

  • University degree in Computer Science, Information Technology, Software Engineering, Business Administration, or relevant educational and professional experience.

  • Four years or more of experience within a combination of relevant disciplines in the field of Risk Management, application security and Identity and Access Management – can include Access provisioning/deprovisioning, Application Onboarding, Access Reviews)

  • Familiarity with application and data flows, SaaS, PaaS and IaaS

  • Experience with Risk Management, highlighting gaps and managing resolutions

  • Understanding of Azure Identity model and governance is good to have

  • Strong in data analysis, requirement gathering and problem-solving skills

  • Resourceful and able to work independently while still being part of a geographically diverse team, managing multiple priorities within tight deadlines and communicating primarily through online collaboration tools (MS Teams, SharePoint, etc.)

  • Excellent verbal and written communication, facilitation, and interpersonal skills.

  • Influence behavior to reduce risks and foster a strong information access security risk management culture.

  • Takes initiative and complete ownership of tasks and issues as needed

  • Quick learner and able to adapt to unforeseen changes and needs


What can we offer you?

  • A competitive salary and benefits packages.

  • A growth trajectory that extends upward and outward, encouraging you to follow your passions and learn new skills.

  • A focus on growing your career path with us.

  • Flexible work policies and strong work-life balance.

  • Professional development and leadership opportunities.


Our commitment to you

  • Values-first culture
    We lead with our Values every day and bring them to life together.

  • Boundless opportunity
    We create opportunities to learn and grow at every stage of your career.

  • Continuous innovation
    We invite you to help redefine the future of financial services.

  • Delivering the promise of Diversity, Equity and Inclusion
    We foster an inclusive workplace where everyone thrives.

  • Championing Corporate Citizenship
    We build a business that benefits all stakeholders and has a positive social and environmental impact.

About Manulife and John Hancock

Manulife Financial Corporation is a leading international financial services group that helps people make their decisions easier and lives better. With our global headquarters in Toronto, Canada, we operate as Manulife across our offices in Asia, Canada, and Europe, and primarily as John Hancock in the United States. We provide financial advice, insurance, and wealth and asset management solutions for individuals, groups and institutions. At the end of 2022, we had more than 40,000 employees, over 116,000 agents, and thousands of distribution partners, serving over 34 million customers. At the end of 2022, we had $1.3 trillion (US$1.0 trillion) in assets under management and administration, including total invested assets of $0.4 trillion (US $0.3 trillion), and segregated funds net assets of $0.3 trillion (US$0.3 trillion). We trade as ‘MFC’ on the Toronto, New York, and the Philippine stock exchanges, and under ‘945’ in Hong Kong.

Manulife is an Equal Opportunity Employer

At Manulife/John Hancock, we embrace our diversity. We strive to attract, develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention, advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law. 

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application processAll information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process, contact [email protected].

Salary & Benefits

The annual base salary for this role is listed below.

Primary Location

Toronto, Ontario

Salary range is expected to be between

$74,270.00 CAD - $137,930.00 CAD

If you are applying for this role outside of the primary location, please contact [email protected] for the salary range for your location. The actual salary will vary depending on local market conditions, geography and relevant job-related factors such as knowledge, skills, qualifications, experience, and education/training. Employees also have the opportunity to participate in incentive programs and earn incentive compensation tied to business and individual performance.

Manulife offers eligible employees a wide array of customizable benefits, including health, dental, mental health, vision, short- and long-term disability, life and AD&D insurance coverage, adoption/surrogacy and wellness benefits, and employee/family assistance plans. We also offer eligible employees various retirement savings plans (including pension and a global share ownership plan with employer matching contributions) and financial education and counseling resources. Our generous paid time off program in Canada includes holidays, vacation, personal, and sick days, and we offer the full range of statutory leaves of absence. If you are applying for this role in the U.S., please contact [email protected] for more information about U.S.-specific paid time off provisions.