Information Security Consultant

As a Business Unit Security Officer (BUSO) within the Information Risk Management team under Global Wealth Asset Management (GWAM) Information Technology First Line of Defense you will play a critical role in safeguarding the organizations IT environment. This role involves conducting risk assessments for new and existing applications infrastructure and platformsboth on premises and cloud-based. You will be responsible for identifying threats evaluating their potential impact validating appropriate protection measures providing security advisory to stakeholders and leading cross-functional collaboration to address complex information risk concerns.

Position Responsibilities:

• Perform information risk assessments in compliance with the global Information Risk Assessment methodology policies and standards.
• Ensure each completed information risk assessment is peer-reviewed and communicated to various stakeholders.
• Develop and enhance security requirements for DevOps environments and collaborate with developers engineers and support teams to help implement those requirements in applications CI/CD pipelines container workloads etc.
• Provide training and advise key stakeholders on requirements processes standards and best practices around information security and risk management.
• Respond to audits second line of defense review regulatory reviews risk and control self-assessments.
• Lead and facilitate cross-functional discussions to resolve information risk concerns ensuring alignment with company standards across technology business and risk stakeholders.
• Provide ad-hoc support for ServiceNow (SNOW) request handling including reviewing and approving firewall and security group requests when required.
• Track and manage identified information risk issues and associated corrective action plans (CAPs) ensuring timely resolution and closure in alignment with governance requirements.
• Candidate must be flexible to work in the morning or in a hybrid environment as required.

Required Qualifications:

• Experience in application security including secure software assessment tools like SAST DAST SCA IAST RASP etc. or similar areas.

• IT risk management experience in areas such as vendor risk management project risk management IT audit or IT controls assessment.
• Strong Knowledge of security controls frameworks regulatory requirements and standards concepts (e.g. ISO 270XX MAS etc.) and industry best practices (e.g. OWASP CSA CIS).
• Post-secondary education in information security computer science information technology software engineering or equivalent professional education.
• Strong communication presentation time management and facilitation skills to all levels and audiences.
• Knowledgeable in AKS Azure AI Foundry and GitHub
• Exceptional attention to detail ensuring accuracy and completeness in risk documentation and issue tracking.
• Strong interpersonal and collaboration skills to effectively engage with diverse teams and stakeholders
• Problem solving analytical and innovative mindset.
• A team player who can also work independently.

Preferred Qualifications:

• Experience with container orchestration infrastructure as code scripting and coding languages (e.g. Terraform Bash PowerShell Python) is an asset.
• Relevant professional certifications (e.g. CISSP CCSP CRISC etc.) is an asset.
• Understanding of Generative AI (GenAI) concepts and practical applications.
• Experience using tools like Power Automate and Copilot Studio to develop solutions that enhance work efficiency and automate tasks.

When you join our team:

Well empower you to learn and grow the career you want.

Well recognize and support you in a flexible environment where well-being and inclusion are more than just words.

As part of our global team well support you in shaping the future you want to see.

About Manulife and John Hancock

Manulife Financial Corporation is a leading international financial services provider helping people make their decisions easier and lives better. To learn more about us visit is an Equal Opportunity Employer

At Manulife/John Hancock we embrace our diversity. We strive to attract develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment retention advancement and compensation and we administer all of our practices and programs without discrimination on the basis of race ancestry place of origin colour ethnic origin citizenship religion or religious beliefs creed sex (including pregnancy and pregnancy-related conditions) sexual orientation genetic characteristics veteran status gender identity gender expression age marital status family status disability or any other ground protected by applicable law.

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process contact .