Vice President of Cyber Defense Strategy and Resiliency

Manulife is at the forefront of cybersecurity innovation, safeguarding critical assets with a sophisticated security program. We are seeking a visionary leader to fill the role of Vice President of Cyber Defense Strategy and Resiliency. This executive position is pivotal in shaping the strategic direction of our application security initiatives across all global operations and business lines.

As the Vice President of Cyber Defense Strategy and Resiliency, you will spearhead the development and execution of an enterprise-wide security strategy, ensuring robust protection of our digital infrastructure against evolving threats. Your leadership will drive the integration of security policies into the software development lifecycle, ensuring compliance with regulatory mandates and adherence to industry best practices. Your role will be instrumental in balancing security resilience with business innovation, particularly in the realms of GenAI and AI technologies.

This executive role demands a visionary leader who can drive innovation and resilience in Manulife's cybersecurity posture, ensuring the protection of our global assets while enabling transformative business growth.

Responsibilities:

Global Security Strategy and Implementation:

• Lead the strategic direction of our Vulnerability Management and Application Security programs, ensuring alignment with our global business objectives

• Collaborate with business units to tailor security controls to specific threat landscapes, driving maturity and resilience across teams and services.

• Maintain a security roadmap that aligns with both cyber and business strategies, meeting regulatory and compliance requirements.

• Present to the executive teams across the globe on the current security posture and identify systemic issues.

Security Leadership:

• Mature the existing operating model to provide centralized security services for the identification, assessment and risk-based prioritization of all vulnerabilities.

• Cultivate and lead a high-performing team of cybersecurity experts, fostering a culture of continuous improvement and proactive security measures.

• Drive intelligent remediation through engineering excellence and runtime enforcement, minimizing risk exposure and enhancing security maturity.

• Develop a proactive approach through tools, processes and people to drive a culture of continuous improvement

• Collaborate with segment partners to integrate security controls into DevSecOps and security SDLC practices aligned with industry standards and best practices (OWASP, NIST).

GenAI, AI, Data Security, and Analytics:

• Lead the design and implementation of AI-driven solutions for automated vulnerability detection, prioritization, and remediation.

• Oversee the integration of predictive analytics to forecast emerging threats and vulnerabilities.

• Implement AI-powered anomaly detection for real-time monitoring of applications and infrastructure vulnerabilities and gaps.

• Develop automated response frameworks that leverage AI to identify high-impact vulnerabilities and recommend context-aware remediation paths that align with business priorities.

• Leverage AI-powered solutions based on different CI/CD pipelines used across the organization to enable automated remediation and reporting of vulnerabilities.

• Provide expert guidance and support to business units leveraging AI and GenAI technologies, ensuring that security considerations are effectively integrated into their initiatives

Regulatory Compliance, Governance, and Stakeholder Management:

• Ensure alignment with OSFI and other regulatory frameworks, delivering executive-level insights to the Board and Senior Management.

• Ensure segment-level OKRs are aligned with enterprise goals for security awareness and remediation acceleration.

• Collaborate with Line 1b, Line 2, and Internal Audit teams on security governance matters.

• Work with segment partners to implement appropriate security controls that align with audit, regulatory and compliance requirements.

Security Resilience:

• Drive the integration of security resilience principles and practices into Application security and vulnerability management practices.

• Develop risk-based prioritization for the patching, remediation and protection of critical assets and processes to drive and support their resilience.

• Work with Security Operations teams to ensure that incident response and recovery processes are designed to minimize the impact of security incidents on business operations and maintain the organization's resilience.

• Continuously monitor and assess the organization's security resilience and make recommendations for improvement based on industry’s best practices and emerging threats.

Individual Responsibilities:

• Lead and design cybersecurity solutions for large and complex programs and products.

• Develop strong cross-functional partnerships and provide clear, risk-based reporting to stakeholders.

• Influence stakeholders across the organization to drive maturity and improve security posture.

• Spearhead Application security & Vulnerability management controls globally and enable segments to implement solutions to meet their business needs.

• Provide cybersecurity leadership and strategic vision across the organization and in external forums.

• Leads highly visible multi-disciplinary project teams or initiatives with organizational wide risk and provides thought leadership.

• Proactively identifies and solves the most complex problems, uses game-changing methods to think beyond existing solutions.

• Drives communication of complex business and technical ideas that have an impact on Manulife’s strategic business direction.

Shared Responsibilities:

• Work with Line 2 (Risk) and Line 3 (Audit) to support any assessments

• Work with regulatory and compliance functions to address asks from regulators in various markets

• Participate in industry events to both showcase Manulife’s capabilities as well as build connectivity in the Canadian, USA and other markets

• Work with the GCS leadership to provide clear roadmaps, metrics and operational reporting to segment and other partners.

Preferred Qualifications:

• Strategic and Risk Management: Proven ability to develop long-term strategies aligned with organizational goals, prioritizing vulnerabilities effectively.

• Influence and Collaboration: Strong communication and collaboration skills to engage with global teams and influence security initiatives.

• Educational and Certification Requirements: Master’s degree in relevant fields and CISSP certification required; additional certifications preferred.

• Industry Leadership: Recognized thought leader with experience in managing large teams and influencing industry standards.

• Presentation Skill: Proficient in articulating complex concepts to diverse leadership levels through compelling storytelling and a clear, accessible communication style.

• Technical and Cybersecurity Expertise: Deep understanding of vulnerability management, security technologies, and evolving threats.

• Regulatory and Compliance: Knowledge of cybersecurity legislation and regulations, ensuring compliance and risk mitigation.

• Continuous Monitoring and Innovation: Commitment to continuous improvement through AI and machine learning to enhance security measures.

À propos de Manuvie et de John Hancock

La Société Financière Manuvie est un chef de file mondial des services financiers qui aide les gens à prendre leurs décisions plus facilement et à vivre mieux. Pour en apprendre plus à notre sujet, rendez vous à l’adresse www.manuvie.com.

Manuvie est un employeur qui souscrit au principe de l’égalité d’accès à l’emploi

Chez Manulife/John Hancock nous valorisons notre diversité. Nous nous efforçons d’attirer, de perfectionner et de maintenir une main d'oeuvre qui est aussi diversifiée que nos clients, et de favoriser la création d’un milieu de travail inclusif qui met à profit la diversité de nos employés et les compétences de chacun. Nous nous engageons à assurer un recrutement, une fidélisation, une promotion et une rémunération équitables, et nous administrons toutes nos pratiques et tous nos programmes sans discrimination en raison de la race, de l’ascendance, du lieu d’origine, de la couleur, de l’origine ethnique, de la citoyenneté, de la religion ou des croyances ou des convictions religieuses, du genre (y compris grossesse et affection liée à une grossesse), de l’orientation sexuelle, des caractéristiques génétiques, du statut d’ancien combattant, de l’identité de genre, de l’expression de genre, de l’âge, de l’état matrimonial, de la situation de famille, d’une invalidité ou de tout autre motif protégé par la loi applicable.

Nous nous sommes donné comme priorité d’éliminer les obstacles à l’accès égalitaire à l’emploi. C’est pourquoi un représentant des Ressources humaines collaborera avec les candidats qui demandent accommodement raisonnable pendant le recrutement. Tous les renseignements communiqués pendant le processus de demande d'accommodement seront stockés et utilisés conformément aux lois et aux politiques applicables de Manuvie. Pour demander une mesure d’accommodement raisonnable dans le cadre du recrutement, écrivez à recruitment@manulife.com.

Région de référence du salaire

Modalités de travail

L’échelle salariale devrait se situer entre

Si vous posez votre candidature à ce poste en dehors de la région principale, veuillez écrire à recruitment@manulife.com pour obtenir l’échelle salariale correspondant à votre région. Le salaire varie en fonction des conditions du marché local, de la géographie et de facteurs pertinents liés au poste telles les connaissances, les compétences, les qualifications, l’expérience et l’éducation ou la formation. Les employés ont également la possibilité de participer à des programmes de motivation et de toucher une rémunération incitative liée au rendement de l’entreprise et au rendement individuel.

Manuvie offre aux employés admissibles une vaste gamme d’avantages sociaux personnalisables, notamment une assurance soins médicaux, soins dentaires, santé mentale, soins de la vue, invalidité de courte et de longue durée, assurance vie et assurance DMA, assurance adoption, de maternité de substitution et de soins médicaux non urgents ainsi que des programmes d’aide aux employés et leur famille. Nous proposons également aux employés admissibles différents régimes d’épargne-retraite (y compris des régimes de rente et un programme international d’actionnariat assortie de cotisations patronales de contrepartie) ainsi que des ressources en matière d’éducation et de conseils financiers. Notre généreux programme de congés rémunérés au Canada comprend les jours fériés, les congés annuels, les congés personnels et les congés de maladie, et nous offrons toute la gamme des congés autorisés prévus par la loi. Si vous posez votre candidature à ce poste aux États-Unis, veuillez écrire à recruitment@manulife.com pour obtenir de plus amples renseignements sur les dispositions relatives aux congés rémunérés spécifiques aux États-Unis.