Senior Cybersecurity Specialist

We are seeking an expert Senior Cybersecurity Specialist to strengthen our Cyber, Security, Risk & Controls (CSRC) organization. In this role, you will help establish and maintain cybersecurity governance frameworks, assess emerging threats, evaluate vulnerabilities, and ensure compliance with organizational standards and regulatory requirements. You will work closely with engineering, product, and risk partners to guide secure development practices and improve our overall security posture. This position is essential to maintaining continuity in our cybersecurity operations following the departure of the previous role holder.

Position Responsibilities

• Support the development, implementation, and continuous improvement of cybersecurity governance frameworks, risk methodologies, and compliance processes.
• Conduct penetration testing, code scanning, threat modeling, vulnerability assessments, and prioritize remediation based on risk levels and business impacts.
• Configure, validate, and optimize SAST, DAST, and SCA tools (e.g., Veracode, Snyk, SonarQube, BurpSuite) to ensure high‑quality results and actionable insights.
• Lead security assessment intake, triage, documentation, and reporting activities, collaborating with technical teams to implement corrective actions.
• Communicate risk findings, governance improvements, KPIs, and KRIs to senior leaders, and contribute to executive‑level dashboards and risk reporting.

Required Qualifications

• Strong understanding of information security controls, vulnerability management, and risk management frameworks such as NIST CSF and ISO 27001/27002.
• Proficiency with security tools including SIEM, IDS/IPS, endpoint protection, vulnerability scanners, and application security testing platforms.
• Experience with cybersecurity assessment frameworks (OWASP, PTES, OSSTM) and penetration testing techniques.
• Strong analytical and reporting skills, including experience with data visualization tools (Power BI, Tableau).
• Excellent written and verbal communication skills, with the ability to convey risks and recommendations to both technical and business stakeholders.

Preferred Qualifications

• Industry-recognized cybersecurity certifications such as CISSP, CSSLP, OSCP, or equivalent.
• Experience with ServiceNow Security Operations, Archer GRC, and cloud security (Azure, AWS).
• Knowledge of regulatory requirements related to cybersecurity and technology risk management.
• Ability to collaborate effectively in Agile/DevOps environments with cross‑functional teams.
• Experience developing executive dashboards, KPIs, and KRIs for cybersecurity and risk reporting.

When You Join Our Team

• • We'll empower you to learn and grow the career you want.
• • We'll recognize and support you in a flexible environment where well‑being and inclusion are more than just words.
• • As part of our global team, we'll support you in shaping the future you want to see.

About Manulife and John Hancock

Manulife Financial Corporation is a leading international financial services provider, helping people make their decisions easier and lives better. To learn more about us, visit

Manulife is an Equal Opportunity Employer

At Manulife/John Hancock, we embrace our diversity. We strive to attract, develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention, advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law.

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process, contact

Referenced Salary Location

Working Arrangement

Salary range is expected to be between

If you are applying for this role outside of the primary location, please contact for the salary range for your location. The actual salary will vary depending on local market conditions, geography and relevant job-related factors such as knowledge, skills, qualifications, experience, and education/training. Employees also have the opportunity to participate in incentive programs and earn incentive compensation tied to business and individual performance.

Manulife offers eligible employees a wide array of customizable benefits, including health, dental, mental health, vision, short- and long-term disability, life and AD&D insurance coverage, adoption/surrogacy and wellness benefits, and employee/family assistance plans. We also offer eligible employees various retirement savings plans (including pension and a global share ownership plan with employer matching contributions) and financial education and counseling resources. Our generous paid time off program in Canada includes holidays, vacation, personal, and sick days, and we offer the full range of statutory leaves of absence. If you are applying for this role in the U.S., please contact for more information about U.S.-specific paid time off provisions.