AVP, Information Risk Officer, Asia

Key Responsibilities:

The AVP, Information Risk Officer will lead the day-to-day operations of the Asia segment Information Risk Officer team providing oversight, challenge and risk assessment. As an experienced and pragmatic technology risk practitioner the successful candidate will deliver:

• Independent Oversight: Parter with senior technology leadership and other stakeholders to objectively assess and challenge risk management practices across technology departments. Provide direction and support to First Line in the performance of key risk practices. Assess the adequacy of control environments for technology and cyber domains lead assessments on focus areas to assess risk as well as reporting on incidents leading to losses. Act as a second line of defense, ensuring risks are appropriately identified, managed, and monitored in alignment with all relevant regulations. Drive escalation for actions that are outside of risk tolerances or inconsistent with strong risk culture.
• Reporting and Stakeholder Management: Support data driven quarterly risk committees and other risk reporting by engaging senior technology leadership to ensure they are aware of and aligned with various reporting and have provided input. Ensure appropriate forums are in place for the ongoing discussion of risk matters and key risk indicators with leaders and other stakeholders.
• Strategic Risk Advice: Partner with senior technology leaders to identify risk trends, provide insights and recommend courses of actions to manage risk within appetite. Highlight material and emerging risks to stakeholders.
• Risk Culture: Championing a strong and continuously improving Risk & Control environment across the Technology teams. Maintaining an environment of high performance, engagement, and collaboration through strong leadership with effective coaching and mentoring.

As a member of the Global Chief Information Risk Officer's leadership team, you will participate in strategy setting, methodology development and the establishment of standardized practices, the growth of shared services and the pursuit of operational efficiency including digitization using AI. You will work closely with practices areas and methodology teams to maintain and implement our global information risk management framework.

Key Qualifications:

• Minimum 15 years in technology risk management, information/cybersecurity or IT governance or IT Audit. First Line and financial services experience is an asset.
• Deep understanding of regulatory guidelines and their practical application in a complex enterprise environment through the Three Lines of Defense. Experience with regulations from Canada's OSFI regulations, Singapore's MAS and Hong Kong's Insurance Authority is an asset.
• Proven ability to engage and influence senior technology leaders and cross-functional stakeholders.
• Demonstrated ability to lead, manage and empower a team.
• Ability to understand the entire IT landscape, identify risks and connect to system and process owners to mitigate exposure.
• Ability to evaluate new technologies and know the latest industry trends and developments in information technology and security.
• Ability to frame information security and information risk-related concepts to both technical and non-technical audience.
• Ability and desire to inspire change in a sophisticated environment.
• Strong knowledge of IT infrastructure and operations, cloud services, software development, and cybersecurity practices.
• Experience with risk and governance frameworks, such as the NIST Cybersecurity Framework, ISO 27001/27002, and COBIT. Experience with ITIL or equivalent practices is helpful.
• Ability to work cross-functionally, aligning risk management with broader business and technology strategies
• Experience with risk assessment methodologies, control testing, and incident management.
• Excellent analytical, communication, and presentation skills.
• Relevant degrees and professional certifications such as CRISC, CISM, CISSP, or equivalent are considered assets.
• Able to travel to all of Manulife's markets in Asia on a regular basis as well as periodically to Canada and the United States.

About Manulife and John Hancock

Manulife Financial Corporation is a leading international financial services provider, helping people make their decisions easier and lives better. To learn more about us, visit .

Manulife is an Equal Opportunity Employer

At Manulife/John Hancock, we embrace our diversity. We strive to attract, develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention, advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law.

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process, contact .