Director, Cybersecurity Regulatory Compliance Program (John Hancock)
Director, Cybersecurity Regulatory Compliance Program (John Hancock)
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
The Opportunity
Work location: Boston USA
Work arrangement: Hybrid 3 days in office 2 days from Home; Remote working arrangement is not available;
As Director of Cybersecurity Compliance Program (CCP) for John Hancock you will be a critical part of the Cybersecurity Resilience & Governance leadership team reporting directly to the John Hancock Chief Information Security Officer (CISO) as the CCP Program will be responsible for all cybersecurity regulatory compliance activities carried out for our Life Insurance LongTerm Care Annuities and High Net Worth lines of will also develop and maintain collaborative working relationships with other lines of business and global teams supporting multiple John Hancock legal entities for comprehensive cybersecurity regulatory compliance will provide proactive identification and management of compliance issues support the John Hancock CISO with annual board reporting and be the primary point of contact for our Legal and Compliance departments on all cybersecurity regulatory compliance matters.
This role offers you the opportunity to lead and influence in a function that continues to grow and mature in our will work closely and regularly with many crossfunctional teams including local and global IT and security teams Distributions Procurement Human Resources Risk Audit Privacy Legal and Compliance as well as external will build and develop your risk and compliance analytical skills and will have regular opportunities to present to and advise executive management across multiple functions locally and globally.
Duties & Responsibilities
Develop and deliver on the John Hancock Cybersecurity Regulatory Compliance Program strategy operating model and execution plans.
Maintain ongoing knowledge and understanding of applicable regulatory and industry requirements and provide subject matter expertise on new and changing laws and regulations.
Advise subject matter experts on applicable regulatory and industry requirements identify compliance issues and help develop corrective action plans where needed.
Collaborate with other Cybersecurity Resilience & Governance leads to collectively monitor and maintain effective cybersecurity operations and technical controls.
Report on cybersecurity regulatory compliance initiatives posture and key areas of risk to senior and executive leadership and provide close support to the CISO on annual board reporting.
Lead and manage cybersecurity due diligence for our US distribution partners (agents and producers).
Lead and coordinate responses for all external inquiries (i.e. regulatory exams client security questionnaires) on cybersecurity operations and technical controls.
Lead and manage the US Segment IT organization through the Information Risk Management policies and standards refresh process ensuring key stakeholders understand proposed changes and facilitating feedback
Support other IT and security initiatives as needed.
Technical Qualifications
Knowledge of cybersecurity laws and regulations including HIPAA SEC/OCIE OSFI NYDFS Cybersecurity Regulation and/or other state adoptions of NAIC model laws.
Knowledge of industry standards and cybersecurity frameworks including ISO 27000 NIST COBIT COSO and/or ITIL.
Experience conducting risk assessments and/or compliance reviews and applying risk management frameworks aligned with regulatory and industry requirements.
Experience responding to regulatory exam and audit requests including collection review and submission of documentation and/or preparing subject matter experts for interviews.
Experience providing a serviceoriented approach to managing risk and compliance with crossfunctional global and enterprisewide teams.
Minimum Requirements
4 years of audit risk legal and/or compliance experience. Insurance or financial industry and/or IT and information security experience preferred.
Bachelors degree or 4 additional years of related experience. Masters degree or Juris Doctor a plus.
Related industry certification (e.g. CRISC CISSP CISA) a plus.
Strong time management and organizational skills.
Strong written and verbal communication skills.
Strong working knowledge of Microsoft Office tools. Experience with Archer eGRC a plus.
About Manulife and John Hancock
Manulife Financial Corporation is a leading international financial services provider helping people make their decisions easier and lives better. To learn more about us visit is an Equal Opportunity Employer
At Manulife/John Hancock we embrace our diversity. We strive to attract develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment retention advancement and compensation and we administer all of our practices and programs without discrimination on the basis of race ancestry place of origin colour ethnic origin citizenship religion or religious beliefs creed sex (including pregnancy and pregnancyrelated conditions) sexual orientation genetic characteristics veteran status gender identity gender expression age marital status family status disability or any other ground protected by applicable law.
It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process contact .
Referenced Salary Location
Boston MassachusettsWorking Arrangement
Salary range is expected to be between
$124250.00 USD $230750.00 USDIf you are applying for this role outside of the primary location please contact for the salary range for your location. The actual salary will vary depending on local market conditions geography and relevant jobrelated factors such as knowledge skills qualifications experience and education/training. Employees also have the opportunity to participate in incentive programs and earn incentive compensation tied to business and individual performance.
Manulife/John Hancock offers eligible employees a wide array of customizable benefits including health dental mental health vision short and longterm disability life and AD&D insurance coverage adoption/surrogacy and wellness benefits and employee/family assistance plans. We also offer eligible employees various retirement savings plans (including pension/401(k) savings plans and a global share ownership plan with employer matching contributions) and financial education and counseling resources. Our generous paid time off program in the U.S. includes up to 11 paid holidays 3 personal days 150 hours of vacation and 40 hours of sick time (or more where required by law) each year and we offer the full range of statutory leaves of absence.
Know Your Rights I Family & Medical Leave I Employee Polygraph Protection I Right to Work I EVerify I Pay Transparency
Company: John Hancock Life Insurance Company (U.S.A.)Required Experience:
Director
Employment Type
Full-Time
