IT Business Unit Security Officer

We are seeking a talented Business Unit Security Officer (BUSO) to join the Cybersecurity, Resilience & Governance (CRG) team.

A successful BUSO will serve as a trusted partner and subject matter expert to the business and empower them to protect their information assets and intellectual property. You will help securely implement new technologies and tools, foster consistency through common methodologies and stay fully aligned with cybersecurity issues and efforts. As a BUSO, you will enable business and IT partners to recognize and manage their cyber and information risk in a dynamic business environment. You will participate in critical projects and initiatives to ensure information risk is always considered and managed.

• Perform application risk assessments from a technical security and information risk management perspective, this includes risk identification based on information criticality through to control implementation and management of risk acceptance by business areas
• Provide application and operational security consulting services to IT, partners and clients
• Maintain among all levels of business line staff a high level of awareness about security issues and control objectives
• Identify and communicate known information security control issues to business area teams providing guidance (as necessary) and oversight to ensure timely remediation of the issues
• Provide support to other risk teams as necessary to address high priority risks
• Support adherence to global information security policies and standards; work with business units and technical teams to implement solutions that comply with security policies and processes
• Actively participate in your team’s plans to achieve their goals, this includes goals that originate from CRG and the business. Participate in frameworks used to measure and report on progress towards the achievement of goals
• Stay current on emerging technologies, key business drivers, evolving threats and opportunities from both the business and CRG
• Collaborate with other CRG professionals within the US segment and across the company
• Participate in divisional and global CRG projects and initiatives as requested. Ensure business requirements and needs are considered in initiatives, projects and services.

• 7+ Years of experience
• General operating knowledge of security for applications and infrastructure, security threat/risk/data classification
• Solid understanding of Generative AI foundations, principles and tools
• Proven ability to build relationships, engage and influence others, and work with diverse internal and international user communities as well as vendors
• The ability to work both independently and as part of a team, managing multiple priorities and deadlines
• The ability to work within agile development teams
• Strong communicator and active listener with the ability to effectively articulate risk from both a business and technical standpoint to personnel with varying degrees of technical knowledge

• Fewer years of experience in security is acceptable if you have systems development experience with a proven ability to implement secure applications
• Professional certification for information security (or willingness to begin acquiring)– CISSP, CISA, CRISC, GIAC or similar credentials

• We’ll empower you to learn and grow the career you want.
• We’ll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
• As part of our global team, we’ll support you in shaping the future you want to see.

Manulife Financial Corporation is a leading international financial services provider, helping people make their decisions easier and lives better. To learn more about us, visit the Manulife website (https://www.manulife.com/en/about/our-story.html).

Manulife/John Hancock embraces diversity and strives to foster an inclusive work environment. We are committed to fair recruitment, retention, advancement and compensation, and we administer all practices without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other legally protected status.

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process, contact recruitment@manulife.com.

Referenced Salary Location: Toronto, Ontario

Working Arrangement: Hybrid

Salary range is expected to be between 113,000.00 CAD - 163,000.00 CAD. If you are applying for this role outside of the primary location, please contact recruitment@manulife.com for the salary range for your location. The actual salary will vary depending on local market conditions, geography and relevant job-related factors such as knowledge, skills, qualifications, experience, and education/training. Employees also have the opportunity to participate in incentive programs and earn incentive compensation tied to business and individual performance.

Manulife offers eligible employees a wide array of customizable benefits, including health, dental, mental health, vision, short- and long-term disability, life and AD&D insurance coverage, adoption/surrogacy and wellness benefits, and employee/family assistance plans. We also offer eligible employees various retirement savings plans (including pension and a global share ownership plan with employer matching contributions) and financial education and counseling resources. Our paid time off program in Canada includes holidays, vacation, personal, and sick days, and we offer the full range of statutory leaves of absence. If you are applying for this role in the U.S., please contact recruitment@manulife.com for more information about U.S.-specific paid time off provisions.