Business Unit Security Officer at Manulife Insurance Malaysia — NeverHard
Business Unit Security Officer at Manulife Insurance Malaysia in Canada. Apply on NeverHard.
Company
Manulife Insurance Malaysia
Location
Canada
Type
not_specified
Join our Canadian Segment Security Technology Team! Reporting to our Director, Business Unity Security Officer, this role belongs to the First Line of Defense. Our team performs risk‑based information security assessments for new technologies and changes to existing IT‑based solutions. We are accountable for identifying threats for both cloud‑based and on‑premises infrastructure, platforms, and services.
Position Responsibilities
Conduct comprehensive risk assessments of technology systems, applications, and infrastructure to identify potential threats, vulnerabilities, and impacts on business operations.
Understand and apply security policies and standards to identify gaps and ensure compliance.
Review and sign off on application security measures during the software development lifecycle, ensuring security requirements are integrated into the DevOps pipeline and security tests.
Consult with business, engineering, and architect teams to integrate security practices into their workflows.
Provide domain expertise in security incident investigations and response.
Peer‑review each information risk assessment and communicate findings to stakeholders.
Deliver training to key team members around the IRM processes.
Respond to audits, regulatory reviews, risk, and controls self‑assessments.
Stay up to date on the latest security trends, threats, and technologies; evaluate existing processes to redefine them.
Required Qualifications
Experience in cloud security, application security, and data protection.
Familiarity with DevOps pipelines and security testing methodologies.
5+ years of experience in a combination of relevant technical disciplines in Information Security (network security, application security, identity and access management, IT operations security, vulnerability management, information protection, physical security, cybersecurity).
5+ years of IT/Information Risk management experience (vendor risk management, project risk management, IT audit or IT controls assessment).
Deep knowledge of cloud computing security and IaaS, PaaS, or SaaS environments.
Knowledge of security frameworks, regulatory requirements and standards.
Excellent business communication skills to lead presentations, facilitate discussion across all levels and audiences.
Influence behavior to reduce risks and foster a strong information security risk management culture.
Problem solving, analytical, and ability to establish new ways/processes to improve.
Collaborative with a coaching and development approach.
Strong time management and organizational skills to manage multiple tasks and changing priorities.
Preferred Qualifications
Background in Computer Science, Information Technology, Software Engineering, Business Administration, or relevant educational and professional experience.
Knowledge and understanding of the financial industry.
Relevant professional designations (CISSP, CRISC, CISM, CISA, GSEC).
Benefits / Team Culture
Empowerment to learn and grow in the career you want.
Recognition and support in a flexible environment where well‑being and inclusion are a priority.
Opportunity to shape the future as part of a global team.
Equal Opportunity Employer
Manulife is an Equal Opportunity Employer. At Manulife/John Hancock we embrace our diversity and strive to attract, develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention, advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy‑related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law. It is our priority to remove barriers to provide equal access to employment.
#J-18808-Ljbffr