_As a Business Unit Security Officer (BUSO) within the Information Risk Management team under Global Wealth Asset Management (GWAM) Information Technology First Line of Defense, you will play a critical role in safeguarding the organization’s IT environment. This role involves conducting risk assessments for new and existing applications, infrastructure, and platforms—both on premises and cloud-based. You will be responsible for identifying threats, evaluating their potential impact, validating appropriate protection measures, providing security advisory to stakeholders, and leading cross-functional collaboration to address complex information risk concerns._ **Position Responsibilities:** + Perform information risk assessments in compliance with the global Information Risk Assessment methodology, policies, and standards. + Ensure each completed information risk assessment is peer-reviewed and communicated to various stakeholders. + Develop and enhance security requirements for DevOps environments and collaborate with developers, engineers, and support teams to help implement those requirements in applications, CI/CD pipelines, container workloads, etc. + Provide training and advise key stakeholders on requirements, processes, standards, and best practices around information security and risk management. + Respond to audits, second line of defense review, regulatory reviews, risk and control self-assessments. + Lead and facilitate cross-functional discussions to resolve information risk concerns, ensuring alignment with company standards across technology, business, and risk stakeholders. + Provide ad-hoc support for ServiceNow (SNOW) request handling, including reviewing and approving firewall and security group requests when required. + Track and manage identified information risk issues and associated corrective action plans (CAPs), ensuring timely resolution and closure in alignment with governance requirements. + Candidate must be flexible to work in the morning or in a hybrid environment, as required. **Required Qualifications:** + Experience in application security including secure software assessment tools like SAST, DAST, SCA, IAST, RASP, etc. or similar areas. + IT risk management experience in areas such as vendor risk management, project risk management, IT audit, or IT controls assessment. + Strong Knowledge of security controls, frameworks, regulatory requirements and standards, concepts (e.g. ISO 270XX, MAS, etc.), and industry best practices (e.g. OWASP, CSA, CIS). + Post-secondary education in information security, computer science, information technology, software engineering, or equivalent professional education. + Strong communication, presentation, time management, and facilitation skills to all levels and audiences. + Knowledgeable in AKS, Azure, AI Foundry and GitHub + Exceptional attention to detail, ensuring accuracy and completeness in risk documentation and issue tracking. + Strong interpersonal and collaboration skills to effectively engage with diverse teams and stakeholders + Problem solving, analytical, and innovative mindset. + A team player who can also work independently. + **_Amenable to work on a day/mid shift schedule_** + **_Amenable to work on a hybrid set-up (3x a week onsite)_** **Preferred Qualifications:** + Experience with container orchestration, infrastructure as code, scripting and coding languages (e.g. Terraform, Bash, PowerShell, Python) is an asset. + Relevant professional certifications (e.g. CISSP, CCSP, CRISC, etc.) is an asset. + Understanding of Generative AI (GenAI) concepts and practical applications. + Experience using tools like Power Automate and Copilot Studio to develop solutions that enhance work efficiency and automate tasks. **When you join our team:** + We’ll empower you to learn and grow the career you want. + We’ll recognize and support you in a flexible environment where well-being and inclusion are more than just words. + As part of our global team, we’ll support you in shaping the future you want to see. **Acerca de Manulife y John Hancock** Manulife Financial Corporation es un importante proveedor internacional de servicios financieros que ayuda a las personas a tomar decisiones de una manera más fácil y a vivir mejor. Para obtener más información acerca de nosotros, visite http://www.manulife.com . **Manulife es un empleador que ofrece igualdad de oportunidades** En Manulife/John Hancock, valoramos nuestra diversidad. Nos esforzamos por atraer, formar y retener una fuerza laboral tan diversa como los clientes a los que prestamos servicios, y para fomentar un entorno laboral inclusivo en el que se aprovechen las fortalezas de las culturas y las personas. Estamos comprometidos con la equidad en las contrataciones, la retención de talento, el ascenso y la remuneración, y administramos todas nuestras prácticas y programas sin discriminación por motivos de raza, ascendencia, lugar de origen, color, origen étnico, ciudadanía, religión o creencias religiosas, credo, sexo (incluyendo el embarazo y las afecciones relacionadas con este), orientación sexual, características genéticas, condición de veterano, identidad de género, expresión de género, edad, estado civil, estatus familiar, discapacidad, o cualquier otro aspecto protegido por la ley vigente. Nuestra prioridad es eliminar las barreras para garantizar la igualdad de acceso al empleo. Un representante de Recursos Humanos trabajará con los solicitantes que requieran una adaptación razonable durante el proceso de solicitud. Toda la información que se haya compartido durante el proceso de solicitud de adaptación se almacenará y utilizará de manera congruente con las leyes y las políticas de Manulife/John Hancock correspondientes. Para solicitar una adaptación razonable en el proceso de solicitud, envíenos un mensaje a recruitment@manulife.com . **Modalidades de Trabajo** Híbrido