Vp, Information Security

We are a leading financial services provider committed to making decisions easier and lives better for our customers and colleagues around the world. From our environmental initiatives to our community investments, we lead with values throughout our business. To help us stand out, we help you step up, because when colleagues are healthy, respected and meaningfully challenged, we all thrive. Discover how you can grow your career, make impact and drive real change with our Winning Team today.

**Working Arrangement**

Hybrid

**The Opportunity**

The leader of our Information Security Risk Management efforts is responsible for the overall delivery of the enterprise Information Security oversight and challenge, approach across Manulife. The incumbent will serve as a Subject Matter Expert on matters of Information Security and must be a principle driving force to continuously mature those capabilities across Manulife aligned to the Cybersecurity threats we face. This leader will be the content owner for Manulife enterprise Information Security related Standards, will collaboratively craft the approach and roadmap to evolve Manulife’s information security capabilities and will assesses progress against expectation across the enterprise. This leader oversees the enterprise Information Risk Management team ensuring work is managed, prioritized, and completed in alignment with business goals, drivers and commitments.

**Key Accountabilities**
- Delivering information Security expertise and advice to business users and IT users enabling them to manage their Information Security risks efficiently and effectively.
- Managing the Information Security Risk Management team and function with direct reports in multiple locations with responsibility for all staffing decisions related to this team.
- Adjusting and setting risk commitments within the team. In a changing environment, constantly reviewing and balancing the team’s business-as-usual commitments with short-term/immediate priorities and long-term strategic initiatives. Completing short-term planning and creating long-term strategy that will mature information risk management capabilities ensuring the practices keep pace with both internal drivers (company strategy and goals) and external drivers (technology, regulations, threats, vulnerabilities, etc.).
- Fostering and maintaining a talent pipeline to ensure staff openings and hiring are managed proactively; devising training paths and development plans to ensure skills within the team are fostered and strengthened to meet both the current and anticipated demand; maintaining and if appropriate attaining new certifications. Anticipating the needs of skills, knowledge, and tools for their team.
- Being responsible and accountable for team budget and spending.
- Promoting a strong information risk management culture.
- Staying abreast of new regulations, laws, and requirements for relevant risks across jurisdictions and overseeing compliance with same as required. Ensuring staff are properly trained and keep current with information risk and resilience developments, and technology (both in use at Manulife and across the industry).
- Interacting with and cooperating with information risk teams globally ensuring uniform processes and compliance with Global Information Risk Management processes, procedures, policies, standards, templates, and guidelines.
- Maintaining and fostering enduring relationships with internal customers namely, executives and other staff within business lines project managers, developers, and others.
- Maintaining and fostering relationships with executives and peers within the wider Information Risk Management community and others within other second and third-line of defense teams (Audit Services, Operational Risk, Compliance, Investigative Services, Enterprise Risk, etc.).

**Job Requirement**:

- Minimum 10 years progressive leadership in the area of Information Security management, principles, processes and deliverables within a large enterprise.
- Expertise in best practices of various aspects of information risk management and prior experience as a leader in Information Risk.
- Strong communication skills and ability to distill highly technical information for non-technologists including executives.
- Strong competencies in collaboration, problem solving and influence.
- Knowledge of the regulatory environments in Canada and the US.

**Competencies**:

- Strong leadership, communication, consulting, decision-making and influencing skills.
- Superior presentation and facilitation skills to all levels and audiences.
- Ability to develop and maintain strong relationships.
- Solid knowledge and understanding of the industry, ability to understand the strategic direction of the Company and solve operational challenges.
- Strong time management and organizational skills to manage multiple tasks and changing priorities.

**About Manulife and John Hancock**

Manulife Financial Corporation is a