Director, Third Party Information Security Management
Job Summary
The Director, Third Party Information Security Management leads the governance and assurance components of the Third-Party Risk Management program. This role ensures the program meets regulatory expectations and effectively responds to oversight from second-line risk functions and internal audit.
The Director is responsible for coordinating oversight reviews, supporting audit readiness, and managing remediation efforts related to third-party risk management.
The role requires strong governance expertise and the ability to navigate complex stakeholder environments while maintaining program transparency and accountability.
Position Requirements:
Vendor Risk Assessments
- Provide governance oversight for vendor risk assessments and ensure assessment activities align with internal policies and regulatory expectations.
- Review and challenge assessment outcomes where necessary to ensure consistent risk evaluation.
- Support risk decision frameworks for vendor onboarding and ongoing risk acceptance.
Line 2 Risk Oversight
- Serve as the primary liaison between the TPRM program and second-line risk oversight functions.
- Coordinate responses to oversight inquiries and risk challenges related to vendor risk management.
- Ensure appropriate documentation and evidence support program activities.
Internal Audit Readiness
- Lead preparation for internal audit reviews related to third-party risk management.
- Coordinate evidence gathering and stakeholder engagement during audit activities.
- Ensure clear and timely responses to audit inquiries.
Remediation Management
- Oversee remediation plans for audit findings and oversight observations.
- Track remediation progress and ensure commitments are delivered within agreed timelines.
- Coordinate remediation activities across technology, sourcing, and business teams.
Governance Frameworks
- Maintain and improve policies, procedures, and control documentation supporting the vendor risk program.
- Ensure alignment with enterprise risk management frameworks and regulatory expectations.
- Monitor evolving regulatory requirements impacting vendor risk governance.
Executive Reporting and Risk Intelligence
- Provide governance reporting to leadership and risk committees on audit outcomes, oversight activities, and remediation progress.
- Ensure transparency of vendor risk governance activities to senior leadership.
Program Maturity Improvement
- Identify opportunities to strengthen governance frameworks and improve program effectiveness.
- Support initiatives to enhance regulatory readiness and operational transparency.
Required Qualifications:
- 12 or more years of experience in third-party risk management, vendor governance, compliance, cybersecurity, technology risk, or information risk management.
- Experience with Archer, ProcessUnity, and Ivalua.
- Must have CISSP and/or CISA certification in good standing.
- Experience working with internal audit, regulatory oversight functions, or enterprise risk management.
- Strong knowledge of governance frameworks and regulatory expectations in financial services.
- Experience leading governance or compliance teams.
About Manulife and John Hancock
Manulife Financial Corporation is a leading international financial services provider helping people make their decisions easier and lives better. To learn more about us visit is an Equal Opportunity Employer
At Manulife/John Hancock, we embrace our diversity. We strive to attract, develop, and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention, advancement, and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law.
It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process contact .
Referenced Salary Location
Toronto, Ontario
Working Arrangement
Salary range is expected to be between
$113260.00 CAD - $210340.00 CAD
Employees also have the opportunity to participate in incentive programs and earn incentive compensation tied to business and individual performance. The actual salary will vary depending on local market conditions, geography, and relevant job-related factors such as knowledge, skills, qualifications, experience, and education/training. If you are applying for this role outside of the primary location, please contact for the salary range for your location.
Manulife offers eligible employees a wide array of customizable benefits, including health, dental, mental health, vision, short- and long-term disability, life and AD&D insurance coverage, adoption/surrogacy and wellness benefits, and employee/family assistance plans. We also offer eligible employees various retirement savings plans (including pension and a global share ownership plan with employer matching contributions) and financial education and counseling resources. Our generous paid time off program in Canada includes holidays, vacation, personal, and sick days, and we offer the full range of statutory leaves of absence. If you are applying for this role in the U.S., please contact for more information about U.S.-specific paid time off provisions.
Required Experience:
Director
About Company
Manulife is a leading financial services group. We provide financial advice, insurance, as well as wealth and asset management solutions for individuals, groups and institutions.