Lead Security Architect

Lead Security Architect

At Manulife we are changing the way we unlock value and secure the enterprise through technology and we want you to be part of it! We are growing our cybersecurity program with the vision to deliver quality applications using AI that add value to our customers faster and securely at scale. The customer is at the focus of everything we do and millions of end users rely on our products daily. We are building a state-of-the-art cybersecurity program to better protect the firms critical assets.

As aLead Security Architect youll be responsible for designing developing and implementing robust security strategies and solutions to protect Manulifes digital assets from advanced cyber thishub-and-spoke model you will report to the Chief Security Architect and will be the dedicated security architecture lead for a specific business unit ensuring alignment with the global security framework while addressing the unique needs of the segment. You will play a crucial role in shaping our global security posture and ensuring security is a foundational element of our technology and business initiatives.

Position Responsibilities:

• Architectural Design: Lead the design and development of robust security frameworks standards and best practices for global systems data and networks. This includes creating reference architectures and implementation patterns for security solutions.

• Strategic Planning: Translate business technology and threat drivers into practical security roadmaps. Youll ensure our security strategy is aligned with broader organizational goals.

• Financial Analysis: Conduct financial evaluations of security technologies including quantifying purchasing and licensing options estimating labor costs and calculating the total cost of ownership (TCO) return on investment (ROI) or payback period.

• Project Management: Draft project plans for security service and technology deployments and coordinate with stakeholders across the organization to ensure successful implementation.

• Collaboration & Integration: Work closely with various teams across Manulifes business and IT unitsincluding enterprise architecture development and risk managementto seamlessly integrate security throughout the entire project lifecycle.

• Risk Management: Conduct comprehensive risk assessments to identify vulnerabilities and define necessary controls. Partner with global information risk management teams to prioritize and mitigate risks effectively.

• Security Evaluation: Continuously evaluate the security of new and emerging technologies and potential solutions. You will stay ahead of the curve on cybersecurity trends to recommend and implement innovative solutions.

• Mentorship & Communication: Act as a security subject matter expert coaching and mentoring development teams. You will also communicate complex security standards and strategies to both technical staff and senior management with clarity and influence.

• AI Security:Design and implement security frameworks for Machine Learning (ML) Generative AI (GenAI) and Agentic AI systems. Evaluate AI-powered security tools and integrate artificial intelligence capabilities into security operations and threat detection.

• Application Security: Assess solution architectures for compliance with security standards define secure service interfaces and provide guidance to application security engineers on threat modelling and secure software development methodologies.

• Cloud Security: Provide deep expertise in securing multi-cloud computing environments (SaaS IaaS PaaS) with a strong focus on platforms likeMicrosoft AzureandAWS.

Required Qualifications:

• To succeed in this role a candidate must have a strong blend of technical expertise professional experience and interpersonal skills.

• Bachelors or masters degree in computer science information systems cybersecurity or a related field.

• Relevant industry certifications such asCISSP (Certified Information Systems Security Professional) orCCSP (Certified Cloud Security Professional)are required.

• At least 10 years of experience specifically in senior information security architecture roles with demonstrated progression in responsibility and complexity.

• Proven experience in the financial services industry with understanding of regulatory requirements compliance frameworks and industry-specific security challenges.

• Experience in using architecture methodologies such asSABSA Zachman and/or TOGAF.

• Direct hands-on experience or strong working knowledge of managing security infrastructuree.g. firewalls intrusion prevention systems (IPSs) web application firewalls (WAFs) endpoint protection SIEM and log management technology.

• Verifiable experience reviewing application code for security vulnerabilities and strong working knowledge of vulnerability management tools.

• Experience securing CI/CD pipelines.

• Documented experience and a strong working knowledge of the methodologies to conduct threat-modelling exercises on new applications and services.

• Experience designing the deployment of applications and infrastructure into public cloud services.

• Direct experience designing IAM technologies and services including Active Directory Lightweight Directory Access Protocol (LDAP) and Amazon Web Service (AWS) IAM.

• Extensive knowledge of full-stack IT infrastructure including:Applications Databases Operating systemsWindows Unix and Linux Hypervisors IP networksWAN and LAN Storage networksFibre Channel iSCSI and NAS Backup networks and media Containers/Kubernetes

• Communication: Excellent verbal and written communication skills are crucial for articulating complex technical concepts and influencing stakeholders at all levels. You must be able to translate complex security matters into business terms that are easily understood by colleagues and senior management.

• Problem-Solving: Strong analytical problem-solving and decision-making abilities.

• Collaboration: The capacity to balance competing priorities and maintain a collaborative and positive attitude.

• Travel Flexibility:Willingness and ability to travel within Canada and USA to support business operations and stakeholder engagement

• Experience from large complex environment is highly preferred but not a must.

• Experience from large financial Orgs is a definite plus but not a must.

• Architectlevel experience designing and governing security architectures on Alibaba Cloud leveraging both native and thirdparty security services.

• Language: English and Mandarin required;

When you join our team:

• Well empower you to learn and grow the career you want.

• Well recognize and support you in a flexible environment where well-being and inclusion are more than just words.

• As part of our global team well support you in shaping the future you want to see.

About Manulife and John Hancock

Manulife Financial Corporation is a leading international financial services provider helping people make their decisions easier and lives better. To learn more about us visit is an Equal Opportunity Employer

At Manulife/John Hancock we embrace our diversity. We strive to attract develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment retention advancement and compensation and we administer all of our practices and programs without discrimination on the basis of race ancestry place of origin colour ethnic origin citizenship religion or religious beliefs creed sex (including pregnancy and pregnancy-related conditions) sexual orientation genetic characteristics veteran status gender identity gender expression age marital status family status disability or any other ground protected by applicable law.

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process contact .