Director, Information Risk Management

Manulife is seeking a Director Information Risk Management as a Line 2 leadership role responsible for independent oversight challenge and governance of technology and data risk across Manulifes global enterprise. Reporting to the AVP Information Risk Officer Group Functions this position will participate in the design and execution of a fit-for-purpose risk oversight framework to ensure. This role ensures that technology data and corporate function platforms are designed operated and evolved in alignment with Manulifes risk appetite regulatory obligations and governance directives while enabling speed resilience and innovation.

Position Responsibilities:
Independent Challenge & Oversight:

• Provide credible independent challenge to first-line technology and data leaders on risk design control effectiveness and residual risk exposure.

• Assess and opine on the adequacy of technology infrastructure data platform and application controls against internal standards regulatory expectations and industry best practices.

• Ensure technology and data risks are clearly articulated quantified where possible and aligned to risk appetite.

• Review and challenge material risk acceptances control exceptions and remediation plans.

Domain Level Challenge and Oversight:

• Challenge operational resilience capacity management monitoring patching vulnerability identity and access control practices.

• Oversight of risks related to cloud on-prem infrastructure networks end-user computing resilience availability disaster recovery and third-party dependencies.

• Ensure strong alignment between data governance data risk model risk and information security

• Oversight of data risk across data platforms analytics AI/ML data quality lineage privacy and regulatory data obligations.

• Oversight of technology risks supporting Finance HR Legal Compliance Risk and Internal Audit systems.

• Challenge risks associated with financial reporting technology regulatory reporting and corporate data.

• Ability to stay abreast of new and emerging regulatory requirements as well as emerging and evolving risks

GRC Workflow Automation and Orchestration:

• Drive adoption of workflow-based risk management ensuring risks controls issues exceptions and attestations are consistent adequate reasonable and effective through standardized and automated practices that are traceable end-to-end

• Support the design of event-driven risk workflows integrating automated control monitoring mechanisms from source systems (e.g CI/CD Observability Ticketing Lakes Warehouses) to reduce manual assessments

• Support the design of orchestration patterns that connect risk assessments business continuity and disaster recovery control testing issue management incident root cause analysis vendor risk concurrences regulatory obligations and audit and examination responses

• Provide unbiased and evidence-based oversight to ensure that risk assessments not only meet regulatory requirements but also align with Manulifes strategic objectives and risk appetite fostering continuous improvement in the organizations cybersecurity posture.

• GRC Engineering and Continuous Assurance

• Apply and support the adoption of GRC Engineering principles across second-line information risk management including policy and infrastructure as code concepts continuous control monitoring API-enabled evidence ingestion Scalable control frameworks

• Support the continuous improvement of Manulifes GRC platforms to support near-real time insights automated second-line challenge triggers reduced operational burden on first line to ensure second-line information risk management produced decision grade risk intelligence not just compliance outputs.

Leadership & Stakeholder Influence:

• Serve as a trusted advisor to: Global IRM Leadership and Group IRO. Chief Technology Officer Chief Data Officer Group Functions CIO and Group Functions Executives

• Lead and develop a high-performing global team of technology and data risk professionals.

• Foster a constructive challenge culture that balances risk rigor with business enablement.

Key Deliverables and Outcomes:

• Clear consistent second-line risk opinions across infrastructure data and corporate technology.

• Reduced manual risk processes through workflow automation and orchestration.

• Improved timeliness quality and transparency of technology and data risk reporting.

• Strong regulatory confidence in Manulifes technology risks governance model.

• Demonstrable alignment between risk appetite controls and business outcomes.

Required Qualifications:

• 12 years in Technology Risk Information Risk Management Cyber Risk or GRC.

• 5 years in a risk leadership or second-line oversight role.

• Deep experience within financial services insurance or wealth management in a global context.

• Proven ability to challenge senior technology and data leaders with credibility capable of translating technical risks into business impact.

• Experience leading or influencing globally distributed teams.

• Demonstrated oversight of Infrastructure & Operations Cloud and hybrid environments Data platforms and analytics and corporate enterprise applications

• Strong understanding of GRC workflows including business goals governance risk management controls compliance audit and assurance and improvement

• Familiarity with GRC platforms (e.g. Archer ServiceNow Fusion).

• Working knowledge of Global Regulatory Guidelines and Control frameworks (CSA STAR for AI CCM ISO NIST COBIT COSO)

• Preferred: Experience in applying engineering principles to risk management exposure to automated control monitoring and evidence collection and a background partnering closely with Operations and Platform teams

• Bilingualism (English and French) is a strong asset. If the successful candidate is in Québec proficiency in both languages will be required to support clients from various provinces outside of Quebec.

When you join our team:

• Well empower you to learn and grow the career you want.

• Well recognize and support you in a flexible environment where well-being and inclusion are more than just words.

• As part of our global team well support you in shaping the future you want to see.

#LI-Hybrid

About Manulife and John Hancock

Manulife Financial Corporation is a leading international financial services provider helping people make their decisions easier and lives better. To learn more about us visit is an Equal Opportunity Employer

At Manulife/John Hancock we embrace our diversity. We strive to attract develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment retention advancement and compensation and we administer all of our practices and programs without discrimination on the basis of race ancestry place of origin colour ethnic origin citizenship religion or religious beliefs creed sex (including pregnancy and pregnancy-related conditions) sexual orientation genetic characteristics veteran status gender identity gender expression age marital status family status disability or any other ground protected by applicable law.

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process contact .

Referenced Salary Location

Salary range is expected to be between

If you are applying for this role outside of the primary location please contact for the salary range for your location. The actual salary will vary depending on local market conditions geography and relevant job-related factors such as knowledge skills qualifications experience and education/training. Employees also have the opportunity to participate in incentive programs and earn incentive compensation tied to business and individual performance.

Manulife offers eligible employees a wide array of customizable benefits including health dental mental health vision short- and long-term disability life and AD&D insurance coverage adoption/surrogacy and wellness benefits and employee/family assistance plans. We also offer eligible employees various retirement savings plans (including pension and a global share ownership plan with employer matching contributions) and financial education and counseling resources. Our generous paid time off program in Canada includes holidays vacation personal and sick days and we offer the full range of statutory leaves of absence. If you are applying for this role in the U.S. please contact for more information about U.S.-specific paid time off provisions.