This role offers an exceptional opportunity to lead and shape our information security and risk management strategies as the Director of Strategy for Information Security & Risk Management. Reporting to the Information Security and Risk Management Officer, you will collaborate with the Global Risk and Security team to align cybersecurity plans with organizational priorities, enhance security initiatives, and coordinate cross-team activities. Your expertise will be pivotal in maturing all aspects of our security portfolio, ensuring compliance, and driving continuous improvement in our security practices. In return, you will benefit from professional growth opportunities, a supportive work environment, and the chance to make a significant impact on our security posture.

Position Responsibilities:

• Collaborate in developing and implementing comprehensive information risk management and security strategies.

• Assist in the development and integration of security policies, standards, and procedures across the organization ensuring compliance with relevant regulations.

• Support in managing information security risk and in implementing global cybersecurity initiatives.

• Develop a roadmap for sustainable information risk metrics and implement internal best practices for strategy and continuous improvement.

• Mature technical service offerings such as risk assessments, threat modeling, application security and compliance & regulatory programs.

• Collaborate with Technology Leaders to ensure security integration into business processes and operations, and ensure KRIs achieve target goals and remain within established risk thresholds.

• Provide vision and leadership to manage information security risk, ensuring business alignment and effective governance.

• Support the response to information security incidents and breaches.

• Prepare and present reports on information security to senior management.

• Assist in coaching, mentorship, and support to team members in their professional development.

Required Qualifications:

• Bachelor’s degree in Computer Science, Information Technology, or a related field.

• Proven experience in information risk management and information security leadership roles.

• Strong understanding of information security frameworks, standards, and regulations (e.g., ISO 27001, NIST, SOC II, OSFI).

• Strong knowledge of security risk management practices including security architecture, vulnerability and patch management, application security, and cloud security.

• Experience in developing and implementing security strategies and policies.

• Strong problem-solving and decision-making skills.

• Superb communication and interpersonal skills.

• Industry-recognized certification (e.g., CISA, CRISC, CISM, CISSP) or equivalent certification is desirable.

Preferred Qualifications:

• Experience in the financial services industry.

When you join our team:

• We’ll empower you to learn and grow the career you want.

• We’ll recognize and support you in a flexible environment where well-being and inclusion are more than just words.

• As part of our team, you’ll have the opportunity to shape our security strategies and make a significant impact on our organization’s security posture

Thanks

About Manulife and John Hancock

Manulife Financial Corporation is a leading international financial services provider, helping people make their decisions easier and lives better. To learn more about us, visit https://www.manulife.com/en/about/our-story.html.

Manulife is an Equal Opportunity Employer

At Manulife/John Hancock, we embrace our diversity. We strive to attract, develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention, advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law.

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process, contact [email protected].

Toronto, OntarioHybrid

Salary range is expected to be between

$107,730.00 CAD - $200,070.00 CAD

If you are applying for this role outside of the primary location, please contact [email protected] for the salary range for your location. The actual salary will vary depending on local market conditions, geography and relevant job-related factors such as knowledge, skills, qualifications, experience, and education/training. Employees also have the opportunity to participate in incentive programs and earn incentive compensation tied to business and individual performance.

Manulife offers eligible employees a wide array of customizable benefits, including health, dental, mental health, vision, short- and long-term disability, life and AD&D insurance coverage, adoption/surrogacy and wellness benefits, and employee/family assistance plans. We also offer eligible employees various retirement savings plans (including pension and a global share ownership plan with employer matching contributions) and financial education and counseling resources. Our generous paid time off program in Canada includes holidays, vacation, personal, and sick days, and we offer the full range of statutory leaves of absence. If you are applying for this role in the U.S., please contact [email protected] for more information about U.S.-specific paid time off provisions.