Head - Cybersecurity & Infrastructure Audit & Advisory Services

Join Manulife's Audit and Advisory Services team, where we partner with management to enhance risk control and organizational resilience. We deliver insightful reports to senior management and the Board, reinforcing our commitment to excellence and accountability. Our energetic and collaborative team offers exposure to new business areas and influences business management through diverse projects. We prioritize professional development and innovation, offering opportunities like data analytics training to advance your career.

As Head - Cybersecurity & Infrastructure Audit & Advisory Services you will play a key role in enhancing governance and risk management. You'll work globally across North America and Asia, ensuring our technology meets business and regulatory standards. Collaborate with CIOs and global partners, leveraging analytics and tools like Power BI to support our digital transformation. Being part of our mission to become the most digital, customer-centric company in the industry. We support Diversity, Equity, and Inclusion (DEI) programs to foster a diverse and inclusive environment that drives organizational excellence. Join a team committed to your expertise, growth, and development!

As an audit professional at Manulife, you'll use advanced tools like a centralized GRC tool, business analytics, machine learning, and Python to drive impactful audit outcomes. Our Audit and Advisory Services team provides rich learning opportunities, offering exposure to diverse audit strategies and specialized training. These experiences will enhance your technical and soft skills, preparing you for advancement and new roles within the company.

This role offers a unique opportunity to collaborate directly with members of the Global Leadership Team (GLT) and Executive Leadership Team (ELT). By engaging with senior leaders, you will gain valuable insights and visibility, enhancing your leadership skills and professional growth within the organization.

Position Responsibilities:

• Lead IT audit and advisory plan focused on technology infrastructure and cybersecurity.
• Assess the effectiveness of controls and risk management in technology environments.
• Manage a high-performing and engaged team of technology and audit professionals, fostering collaboration, accountability, and a culture of excellence.
• Collaborate with and provide advice to CIOs and global partners to ensure compliance with business and regulatory standards.
• Utilize advanced analytics and tools, such as Power BI, to support audit processes and digital transformation.
• Deliver insightful audit reports to senior management and the Board.
• Provide guidance and mentorship to audit team members.
• Drive continuous improvement and innovation in audit methodologies.
• Support professional development through specialized training in data analytics and technology.
• Engage directly with global leadership to enhance governance and organizational resilience.

Qualifications

• Leadership and stakeholder communication, including reporting to senior executives and audit committees.
• Demonstrated ability to lead and develop high-performing teams of technology and audit professionals, fostering collaboration and continuous improvement.
• Strategic audit planning for infrastructure and cybersecurity domains.
• Risk assessment and mapping to control objectives using frameworks like NIST CSF, ISO 27001, COBIT, and OSFI B-13.
• Expertise in infrastructure security (network segmentation, patch management, privileged access) and cybersecurity (identity compromise, phishing, ransomware, insider threats).
• Ability to design and execute audit programs structured as:
• Strong knowledge of cloud security (Azure, AWS, GCP) and Zero Trust architecture.
• Data analytics and automation for control testing and anomaly detection.
• Professional Certifications: CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional), CRISC (Certified in Risk and Information Systems Control), CISM (Certified Information Security Manager)
• Bachelor’s or Master’s degree in Information Technology, Cybersecurity, or related field.
• 10+ years in IT audit, cybersecurity, or risk management with proven track record in leading audits for infrastructure and cybersecurity domains.
• Familiarity with OSFI, NIST, ISO27001, GDPR, SOX, PCI DSS, and other compliance mandates.

When you join our team:

• We’ll empower you to learn and grow the career you want.
• We’ll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
• As part of our global team, we’ll support you in shaping the future you want to see.

About Manulife and John Hancock

Manulife Financial Corporation is a leading international financial services provider, helping people make their decisions easier and lives better. To learn more about us, visit https://www.manulife.com/en/about/our-story.html.

Manulife is an Equal Opportunity Employer

At Manulife/John Hancock, we embrace our diversity. We strive to attract, develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention, advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law.

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process, contact recruitment@manulife.com.

Referenced Salary Location

Salary range is expected to be between

If you are applying for this role outside of the primary location, please contact recruitment@manulife.com for the salary range for your location. The actual salary will vary depending on local market conditions, geography and relevant job-related factors such as knowledge, skills, qualifications, experience, and education/training. Employees also have the opportunity to participate in incentive programs and earn incentive compensation tied to business and individual performance.

Manulife offers eligible employees a wide array of customizable benefits, including health, dental, mental health, vision, short- and long-term disability, life and AD&D insurance coverage, adoption/surrogacy and wellness benefits, and employee/family assistance plans. We also offer eligible employees various retirement savings plans (including pension and a global share ownership plan with employer matching contributions) and financial education and counseling resources. Our generous paid time off program in Canada includes holidays, vacation, personal, and sick days, and we offer the full range of statutory leaves of absence. If you are applying for this role in the U.S., please contact recruitment@manulife.com for more information about U.S.-specific paid time off provisions.