Skip to main content

Job ID:

Job Category:


Job Type:

Date Posted:

Apply Now >>    
Job Title :
Country Information Risk Management Consultant
Job ID :
Category :
Information Technology
Location :
, US
Job Type :
Full Time
Posted On :
Job Description :

Key Result Areas:

  • Execute Information Risk Management practices and controls
  • Provide advisory and guidance on Information Risk, Technology Security, Risk and regulatory for information services and business
  • Perform and validate Information and Vendor Risk Assessment, participate in due diligence on vendor selection process, identify potential risk and provide guidance of risk mitigation and acceptance process
  • Assist on formulation of IRM Plan and solutions with various business units in order to ensure that the IRM development and implementation are effective, and in comply with the country and Asia divisional strategies and local regulations
  • Assist to establish country local risk profiles and appetites, report country IRM risk and performance, the posture and exposures, maintain up to date with IRM metric system
  • Coordinate country local security activities, including but not limited to application security scanning and penetration test,  logical access regular assessment, information risk awareness and readiness for the Business Units
  • Participates in country governance support the implementation of IRM program objectives, collaborate with Country Information service for IRM project delivery assurance
  • Understanding of local technology risk regulatory requirements, provides guidance, participate and directly engage in local country regulators’ reviews and exams, ensure compliance with the requirements including framework, guidelines & policies for IRM and IT, maintain of local IT regulatory matrix.
  • Liaise with internal, external auditors, and regulatory agencies on risk and compliance reviews and exams.  Guidance on IT audit planning and scope align with IT control objectives, oversee country audit issues addressed in a timely manner
  • Incident management, responsible for establishing communication, response & handling in the event of local information risk and incident

Experiences and Qualifications:

  • University graduate with minimum 4 years solid experience in Information Risk and Security Management gained in financial industry
  • Experience in information risk, audit and compliance
  • Experience in regulatory engagement
  • Holder of Professional Certificate CISSP, CISA and or CISM.  CBCP would be an asset

Core Competencies and Skills:

  • Proficient in English, spoken and written
  • High integrity and professional work practice
  • Appreciation of peoples and cultures of different countries
  • Good analytical, teamwork capability and able to work independently
  • Good interpersonal communication, management and presentation skills
  • Incident and Problem Management

Information Technology
Apply Now >>    
Link for schema


Any personal information you provide through this site will be privy only to Manulife for the purpose of evaluating your qualifications and experience. At all times, your personal information will be protected by the application of our Privacy Policy.