Skip to main content

Job ID:

Job Category:


Job Type:

Date Posted:

Apply Now >>    
Job Title :
Security and Risk Officer
Job ID :
Category :
Information Technology
Location :
Waterloo, ON CA
Job Type :
Full Time
Posted On :
Job Description :

Are you looking for unlimited opportunities to develop and succeed?  With work that challenges and makes a difference and a flexible and supportive environment, we can help our customers achieve their dreams and aspirations.


Canadian Information Risk Management (CIRM) is an influential team of technology and I.S. risk leaders that are key to shaping and securing the direction of Manulife; not only as a financial services institution but also as a technology company. We provide services to the Canadian division of Manulife that manage the information risks inherit to financial services which are compounded by the accelerating pace of technology and industry changes.  We accomplish this through mature processes of assessing information risk, providing governance oversight, and by rolling out tools, technologies and processes.
The Opportunity
As a strategic member of the Information Security Team within CIRM, you will have a vital role of reducing risks to Manulife‚Äôs assets. You will accomplish this by ensuring our processes for vulnerability management are strong and effective. While the initial focus of the role is vulnerability management, longer term it will have the opportunity to participate in a wide array of interesting and challenging tasks.  You will be a significant contributor, providing risk management consulting services across Canadian division.
As a Security and Risk Officer, you will:
  • Champion the vulnerability management program for Canadian Division, working with Canadian Division business units to develop strategies and improve vulnerability management practices.
  • Design a server deployment process to ensure vulnerabilities are fixed before servers are promoted to production. 
  • Help business units improve their patching posture and adopt automation:
    • Identify and drive removal of unneeded and end of life software
    • Enhance vulnerability reporting capabilities
    • Identify and drive upgrades of unsupported software which poses the greatest risks
    • Educate business units on their role in the vulnerability management process
  • Drive remediation for application and infrastructure vulnerabilities which may be identified through penetration tests, code scans, etc.  Follow-up with business units to schedule remediation and connect them with subject matter experts as needed.
  • Help improve the quality of asset data used for vulnerability management. Work with business units to implement asset management automation.
  • Monitor and report on vulnerability management metrics across the Canadian Division.
  • Have an opportunity to participate in other information risk management efforts such as:
    • Assessing new technology and systems
    • Improving application security
    • Advising management on risks
    • Assessing security practices of service providers

Experience and Qualifications
  • 5 years of relevant information security and information risk management experience.
  • Post secondary diploma or degree in computer science fields of study is desirable but not required.
  • Professional certification(s) related to information security or information risk management such as CISSP, CISM, CISA, GIAC are preferred.
  • Prior experience with vulnerability management and tools such as Qualys is preferred.
  • Strong communication and negotiation skills.
  • Influences others across the organization to accomplish their objectives.
  • Works independently and takes initiative.
  • Handles conflict well and maintains their professionalism at all times.
  • Takes ownership for their objectives and ensures they are achieved.
  • Functions well as part of a distributed team.
  • Strong analytical skills. 
About Manulife
Manulife Financial Corporation is a leading international financial services group that helps people achieve their dreams and aspirations by putting customers' needs first and providing the right advice and solutions. We operate primarily as John Hancock in the United States and Manulife elsewhere. We provide financial advice, insurance, as well as wealth and asset management solutions for individuals, groups and institutions. At the end of 2016, we had approximately 35,000 employees, 70,000 agents, and thousands of distribution partners, serving more than 22 million customers. As of September 30, 2017, we had over $1 trillion (US$806 billion) in assets under management and administration, and in the previous 12 months we made $27.1 billion in payments to our customers. Our principal operations are in Asia, Canada and the United States where we have served customers for more than 100 years. With our global headquarters in Toronto, Canada, we trade as 'MFC' on the Toronto, New York, and the Philippine stock exchanges and under '945' in Hong Kong.
Information Technology
Apply Now >>    
Link for schema


Any personal information you provide through this site will be privy only to Manulife for the purpose of evaluating your qualifications and experience. At all times, your personal information will be protected by the application of our Privacy Policy.