The Opportunity
Ensure the integrity and protection of organization data, systems and infrastructure within Manulife. The members work cross-functionally to develop, implement and maintain security measures to ensure protection from cyberthreats and other potential security risks.
What motivates you?
-
You obsess about customers, listen, engage and act for their benefit
-
You think big, with curiosity to discover ways to use your agile mindset and enable business outcomes
-
You thrive in teams, and enjoy getting things done together
-
You take ownership and build solutions, focusing on what matters
-
You do what is right, work with integrity and speak up
-
You share your humanity, helping us build a diverse and inclusive work environment for everyone
We are looking for someone with:
-
7 years above experience in Information Security, IT risk and compliance
-
Degree or above
-
Written and spoken English
-
CISSP, CISA, CISM preferred
-
Experience in Insurance Industry is a plus
-
Immediate available would be highly prefer
On the job you will:
-
Ensure compliance with company and regulatory standards (i.e. IA, AMCM, BMA etc) and requirements.
-
Act as the focal point for any cybersecurity related requests (e.g. annual cybersecurity report, assessment report, cybersecurity survey and other follow up questions regarding to your submission etc) from regulators.
-
Arrange penetration test to identity risk and vulnerability. And work with application team to prepare the remediation plan according to application security requirements.
-
Support both internal and external audits (e.g. SOX) such as conduct pre-audit exercise to raise the awareness of IT team and identify the gaps earlier before the actual audit, act as SME to clarify the audit scope and requirement, coordinate with relevant key stakeholders for different tasks such as walkthrough session, evidence submission. clarification with auditor and regular meeting etc.
-
Support annual cybersecurity incident response tabletop exercise. Identify all key stake holders and design drill scenario according to business/ regulatory requirements. Act as a facilitator/observer to review and verify the effectiveness of existing BCP during the exercise.
-
Conduct information risk assessment, threat modelling, application security readiness review for new initiatives or major change of existing systems to identify and mitigate the potential risks before moving to production environment.
-
Prepare compliance and management reports.
What can we offer you?
-
A competitive salary and benefits packages.
-
A growth trajectory that extends upward and outward, encouraging you to follow your passions and learn new skills.
-
A focus on growing your career path with us.
-
Flexible work policies and strong work-life balance.
-
Professional development and leadership opportunities.
Our commitment to you
-
Values-first culture
-
We lead with our Values every day and bring them to life together.
-
Boundless opportunity
-
We create opportunities to learn and grow at every stage of your career.
-
Continuous innovation
-
We invite you to help redefine the future of financial services.
-
Delivering the promise of Diversity, Equity and Inclusion
-
We foster an inclusive workplace where everyone thrives.
-
Championing Corporate Citizenship
-
We build a business that benefits all stakeholders and has a positive social and environmental impact.