Are you looking for unlimited opportunities to develop and succeed? With work that challenges and makes a difference, within a flexible and supportive environment, we can help our customers achieve their dreams and aspirations.
Job Summary :
Provide advisory and guidance on Information Risk, Technology Security, Risk and regulatory for information services and business
Execute Information Risk Management practices and controls
Perform and validate Information and Vendor Risk Assessment, participate in due diligence on vendor selection process, identify potential risk and provide guidance of risk mitigation and acceptance process
Assist on formulation of IRM Plan and solutions with various business units in order to ensure that the IRM development and implementation are effective, and in comply with the country and Asia divisional strategies and local regulations
Assist to establish country local risk profiles and appetites, report country IRM risk and performance, the posture and exposures, maintain up to date with IRM metric system
Coordinate country local security activities, including but not limited to application security scanning and penetration test, logical access regular assessment, information risk awareness and readiness for the Business Units
Participates in country governance support the implementation of IRM program objectives, collaborate with Country Information service for IRM project delivery assurance
Understanding of local technology risk regulatory requirements, provides guidance, participate and directly engage in local country regulators’ reviews and exams, ensure compliance with the requirements including framework, guidelines & policies for IRM and IT, maintain of local IT regulatory matrix.
Liaise with internal, external auditors, and regulatory agencies on risk and compliance reviews and exams. Guidance on IT audit planning and scope align with IT control objectives, oversee country audit issues addressed in a timely manner
Incident management, responsible for establishing communication, response & handling in the event of local information risk and incident
Knowledge / Skills / Competencies / Education :
University graduate with minimum 4 years solid experience in Information Risk and Security Management gained in financial industry
Experience in information risk, audit and compliance
Experience in regulatory engagement
Holder of Professional Certificate CISSP, CISA and or CISM. CBCP would be an assets
Core Competencies and Skills :
Proficient in English, spoken and written
Proficient in Japanese, spoken and written (for Japan only)
High integrity and professional work practice
Appreciation of peoples and cultures of different countries
Good analytical, teamwork capability and able to work independently
Good interpersonal communication, management and presentation skills
Incident and Problem Management
If you are ready to unleash your potential, it’s time to start your career with Manulife / John Hancock.
Manulife Financial Corporation is a leading international financial services group that helps people make their decisions easier and lives better.
We operate primarily as John Hancock in the United States and Manulife elsewhere. We provide financial advice, insurance, as well as wealth and asset management solutions for individuals, groups and institutions.
At the end of 2018, we had more than 34,000 employees, over 82,000 agents, and thousands of distribution partners, serving almost 28 million customers.
As of December 31, 2018, we had over $1.1 trillion (US$794 billion) in assets under management and administration, and in the previous 12 months we made $29.
0 billion in payments to our customers.
Our principal operations in Asia, Canada and the United States are where we have served customers for more than 100 years.
With our global headquarters in Toronto, Canada, we trade as 'MFC' on the Toronto, New York, and the Philippine stock exchanges and under '945' in Hong Kong.
Manulife is committed to supporting a culture of diversity and accessibility across the organization. It is our priority to remove barriers to provide equal access to employment.
A Human Resources representative will consult with applicants contacted to participate at any stage of the recruitment process who request an accommodation.
Information received regarding the accommodation needs of applicants will be addressed confidentially.