Director, Cyber Risk Governance & Regulatory Oversight

Manulife is seeking a highly experienced Director of Cyber Risk Governance & Regulatory Oversight to join our Global Information & Cybersecurity Risk function as part of our second line oversight. Reporting to the AVP, Cyber Risk Governance & Regulatory Oversight, this position will lead the design and execution of independent oversight activities of our cybersecurity and regulatory compliance programs. The successful candidate will play a vital role in ensuring Manulife’s adherence to global regulations from bodies such as OSFI, SEC, MAS, HKMA and SWIFT. The Director will leverage recognized industry framework such as NIST and ISO to safeguard our operations and support our strategic objectives across all regions.

Key Responsibilities:

• Independent Oversight:
  • Lead the independent oversight of cybersecurity risks, ensuring alignment with Manulife’s standards and strategic objectives.
  • Conduct independent assessments against industry frameworks such as NIST and SWIFT.
• Cyber Regulatory Oversight:
  • Oversee and challenge adherence to cybersecurity regulatory requirements.
  • Ensure accurate interpretation and compliance by first-line teams with global regulators including OSFI, SEC, HKMA, MAS, and others.
  • Stay current on emerging technologies and regulatory changes to maintain a robust cybersecurity posture.
• Cyber Risk Reporting & Strategy:
  • Collaborate across first and second lines of defense to develop and report on Key Risk Indicators (KRIs).
  • Support leadership in preparing board-level cybersecurity materials, offering actionable insights on cyber and emerging risks, data security and operational resilience.
  • Partner with the Information Risk team to drive oversight roadmaps and strategies. Ensure efficient and effective processes are in place to provide comprehensive coverage across the enterprise. Identify opportunities to enhance governance practices, improve oversight maturity, and strengthen risk management capabilities.

Key Qualifications:

• 7-10 years in cybersecurity risk management, with strong technical acumen across domains such as identity and access management (IAM), cloud security, network security, and data protection.
• Experience with performing cyber due diligence over mergers and acquisitions
• Experience with designing, implementing and running data protection capabilities including DLP and insider threat prevention
• Experience in different aspects of cyber operations including incident response, threat intelligence /detection, red/blue/purple teaming and threat hunting
• Demonstrated ability to provide strategic oversight, challenge and governance in cybersecurity risk management.
• Experience interpreting and governing cybersecurity regulations from bodies such as OSFI, SEC, HKMA, MAS, and SWIFT.
• Strong understanding of industry recognized frameworks including NIST CSF, ISO27001/27002 and PCI DSS.
• Demonstrated ability to conduct technical cybersecurity assessments against regulatory and industry standards.
• Ability to analyze cybersecurity trends and emerging risks to identify opportunities for improving the organization’s security posture.
• Experience building out strategies and roadmaps related to cybersecurity governance.
• Strong relationship-building skills with the ability to influence and build credibility across diverse stakeholder groups.
• Excellent verbal and written communication skills, with the ability to produce high-quality deliverables for executive and board-level audiences.

When you join our team:

• We’ll empower you to learn and grow the career you want.

• We’ll recognize and support you in a flexible environment where well-being and inclusion are more than just words.

• As part of our global team, we’ll support you in shaping the future you want to see.

About Manulife and John Hancock

Manulife Financial Corporation is a leading international financial services provider, helping people make their decisions easier and lives better. To learn more about us, visit https://www.manulife.com/en/about/our-story.html.

Manulife is an Equal Opportunity Employer

At Manulife/John Hancock, we embrace our diversity. We strive to attract, develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention, advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law.

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process, contact recruitment@manulife.com.

Referenced Salary Location

Salary range is expected to be between

If you are applying for this role outside of the primary location, please contact recruitment@manulife.com for the salary range for your location. The actual salary will vary depending on local market conditions, geography and relevant job-related factors such as knowledge, skills, qualifications, experience, and education/training. Employees also have the opportunity to participate in incentive programs and earn incentive compensation tied to business and individual performance.

Manulife offers eligible employees a wide array of customizable benefits, including health, dental, mental health, vision, short- and long-term disability, life and AD&D insurance coverage, adoption/surrogacy and wellness benefits, and employee/family assistance plans. We also offer eligible employees various retirement savings plans (including pension and a global share ownership plan with employer matching contributions) and financial education and counseling resources. Our generous paid time off program in Canada includes holidays, vacation, personal, and sick days, and we offer the full range of statutory leaves of absence. If you are applying for this role in the U.S., please contact recruitment@manulife.com for more information about U.S.-specific paid time off provisions.