AVP Cyber Risk Governance Regulatory Oversight Global Risk

Manulife is seeking a highly experienced AVP of Cyber Risk Governance & Regulatory Oversight to join our Global Information & Cyber security risk function as part of our second line oversight. This pivotal role will provide strategic leadership and independent oversight of our cybersecurity risk and compliance programs reporting directly to the VP of Information & Cyber Security Risk within our Global Risk team. The successful candidate will play a crucial role in ensuring our organizations adherence to global cybersecurity regulations including OSFI B13 OSFI Integrity & Security guidelines SWIFT PCI and emerging AI compliance requirements. They will possess expertise in navigating the complexities of these frameworks as well as in addressing threats posed by other sophisticated adversaries. The AVP will leverage industryleading frameworks such as NIST and ISO to safeguard our operations and support our strategic objectives across all regions. They will also work to strengthen our resilience against critical threats integrating insights from global threat intelligence to proactively manage risks.

Position Responsibilities:

• Leadership & Independent Oversight: Provide strategic leadership and independent oversight of cybersecurity risk ensuring alignment with Manulifes strategic objectives. Perform independent evaluations using frameworks such as NIST and SWIFT to assess and enhance our cybersecurity posture. Interpret and oversee adherence to industry regulations including OSFI Solvency II ISO HKMA PCPD MAS and PDPC with a focus on financial data integrity operational & cyber resilience and customer trust. Lead initiatives to continually evaluate and enhance risk management processes ensuring they are robust and responsive to evolving threats.

• Risk Taxonomy & Risk Appetite: Work with Enterprise Risk Management to refine Manulifes cybersecurity risk taxonomy and risk appetite frameworks to reflect the complex regulatory environment.

• Cyber Regulatory Oversight: Oversee and challenge adherence to cyber regulatory requirements ensuring accurate interpretation and compliance by the first line with critical industry regulators including OSFI B13 OSFIs security and integrity guidelines and other global regulatory bodies. Emphasize the interpretation and implementation of regulatory requirements that enhance resilience and risk management supporting national security and ensuring the protection of sensitive policyholder information to maintain industry trust. Stay at the forefront of emerging technologies and regulatory changes to ensure Manulifes cybersecurity strategies remain robust and aligned with both domestic and international regulatory standards across all operational regions.

• Cyber Risk Reporting & Strategy: Lead the cyber risk reporting function by designing comprehensive metrics KPIs and dashboards to ensure effective Line 2 oversight; work with Centers of Excellence to build the reporting. Collaborate with the Information Risk team to update roadmaps strategies and processes in alignment with evolving risks and organizational objectives. Present risk data and insights clearly and effectively to senior leadership and stakeholders ensuring informed decisionmaking and continuous improvement in our cybersecurity posture. Prepare cybersecurity board materials providing actionable insights on cyber risk and compliance focusing on data security operational resilience and emerging technology risks.

• Strategic Influence & Oversight/Challenge: Collaborate with senior leadership and crossfunctional teams to integrate cybersecurity risks into Manulifes strategic goals. Provide independent challenge to cybersecurity initiatives advocating for continuous improvement and alignment with regulatory requirements and risk appetite.

Required Qualifications:

• 710 years in cybersecurity risk management with strong Line 2 governance experience in the insurance or financial services sectors.

• Demonstrated ability to provide strategic oversight and independent challenge in cybersecurity risk management driving initiatives that align with organizational goals. Inspire and mentor team members to achieve high performance and foster a proactive security culture.

• Expertise in cybersecurity regulations including OSFI SWIFT Solvency II and data privacy laws.

• Strong understanding of the NIST Cybersecurity Framework ISO27001/27002 PCI DSS 4.0 PIPEDA AI regulations and global compliance standards

• Proven experience in risk taxonomy development risk appetite definition

• Possess a strong understanding of threat intelligence with expertise in analyzing and applying insights to enhance cybersecurity measures. This position requires candidates to successfully complete a security screening process and obtain the necessary security clearance.

• Previous experience working with government stakeholders as well as facilitating effective information sharing practices to support national security objectives would be beneficial.

• Demonstrated leadership in strategic oversight with expertise in preparing boardlevel materials and developing risk metrics.

• Ability to work crossfunctionally aligning cybersecurity risk management with broader business strategies.

• Ability to analyze complex cybersecurity threats and trends identifying potential risks and opportunities for improvement. Employ datadriven approaches to enhance risk assessment and reporting processes.

• Excellent verbal and written communication skills with the ability to effectively convey complex cybersecurity concepts and insights to senior leadership stakeholders and board members. Skilled in crafting clear and concise reports presentations and documentation that facilitate informed decisionmaking

When you join our team:

• Well empower you to learn and grow the career you want.

• Well recognize and support you in a flexible environment where wellbeing and inclusion are more than just words.

• As part of our global team well support you in shaping the future you want to see.

About Manulife and John Hancock

Manulife Financial Corporation is a leading international financial services provider helping people make their decisions easier and lives better. To learn more about us visit is an Equal Opportunity Employer

At Manulife/John Hancock we embrace our diversity. We strive to attract develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment retention advancement and compensation and we administer all of our practices and programs without discrimination on the basis of race ancestry place of origin colour ethnic origin citizenship religion or religious beliefs creed sex (including pregnancy and pregnancyrelated conditions) sexual orientation genetic characteristics veteran status gender identity gender expression age marital status family status disability or any other ground protected by applicable law.

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process contact .