Information Risk Management Senior Consultant

As an Information Risk Management Senior Consultant you will be part of the Group Functions (GF) Information Technology First Line of Defense and is responsible for performing risk-based information security assessments for new technologies and maintaining governance frameworks including generative AI technologies ensuring compliance with information security standards and managing risks associated with cloud-based on premises and AI-driven platform and services.

You are expected to have deep understanding of cybersecurity risks technologies governance practices and effectively communicate them to business units. Serves as a trusted partner for business units fosters strong relationships and instills cybersecurity policies and practices throughout business units.

This is an Individual contributor position supporting a designated business unit based in Toronto or Waterloo ON office with a hybrid work arrangement (3 days in office Tuesday Wednesday & Thursday preferably).

Position Responsibilities:

• Acts as a liaison and trusted partner for all information security activities in the business unit ensuring balance between the needs of the business/IT and leading security practices.

• Supports security and risk initiatives to instill cybersecurity policies and practices throughout business units.

• Collaborate with cross functional teams to ensure cybersecurity and IT controls are embedded in all new initiatives and communicates the impact to relevant stakeholders.

• Participates in key initiatives and projects to ensure that cybersecurity and IT controls are accounted for early within the project and software development lifecycles for respective business unis.

• Performs comprehensive information risk assessments of On-Prem IAAS PAAS SAAS and generative AI projects identifying and mitigating risks associated with the solutions.

• Ensure compliance with the global Information Risk Assessment methodology policies and standards.

• Maintains up-to-date knowledge related to cybersecurity threats vulnerabilities and mitigations set forth to reduce the attack surface; circulate this knowledge through the business units.

• Develops and implements risk management strategies across business unit.

• Provides security consulting services to the Business and IT partners.

• Tracks and manages identified information risk issues and associated corrective action plans (CAPs) ensuring timely resolution and closure in alignment with governance requirements.

• Support operational security activities including segment specific security processes (e.g. incident response vulnerability management Firewall reviews).

• Respond to audits regulatory reviews risk and controls self-assessments.

• Provides training and advise key stakeholders on requirements processes standards and best practices around information security and risk management.

• Familiarity with laws and standards frameworks (e.g. NIST ISO27001 GDPR Sarbanes-Oxley EU AI Act).

Required Qualifications:

• Minimum 5 years of experience in Information Risk management: vendor risk management project risk management IT audit or IT controls assessment.

• Bachelors degree or equivalent

• Relevant professional designations (e.g. CISSP CRISC CISM CISA) are a plus.

• Proven ability to quickly and easily adapt to changes within the business and organization

• Ability to build and maintain strong relationships across teams and stakeholders

• Ability to work in a fast-paced environment.

• Ability to balance competing demands with minimal management direction/support.

• Effective communication presentation negotiation and influencing skills

• Strong presentation and facilitation skills for diverse audiences.

• Should have excellent time management and organizational skills to handle multiple tasks and changing priorities.

When you join our team

• Well empower you to learn and grow the career you want.

• Well recognize and support you in a flexible environment where well-being and inclusion are more than just words.

• As part of our global team well support you in shaping the future you want to see

The role being advertised is an existing vacancy.

About Manulife and John Hancock

Manulife Financial Corporation is a leading international financial services provider helping people make their decisions easier and lives better. To learn more about us visit is an Equal Opportunity Employer

At Manulife/John Hancock we embrace our diversity. We strive to attract develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment retention advancement and compensation and we administer all of our practices and programs without discrimination on the basis of race ancestry place of origin colour ethnic origin citizenship religion or religious beliefs creed sex (including pregnancy and pregnancy-related conditions) sexual orientation genetic characteristics veteran status gender identity gender expression age marital status family status disability or any other ground protected by applicable law.

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process contact .

Referenced Salary Location

Salary range is expected to be between

Employees also have the opportunity to participate in incentive programs and earn incentive compensation tied to business and individual performance. The actual salary will vary depending on local market conditions geography and relevant job-related factors such as knowledge skills qualifications experience and education/training. If you are applying for this role outside of the primary location please contact for the salary range for your location.

Manulife offers eligible employees a wide array of customizable benefits including health dental mental health vision short- and long-term disability life and AD&D insurance coverage adoption/surrogacy and wellness benefits and employee/family assistance plans. We also offer eligible employees various retirement savings plans (including pension and a global share ownership plan with employer matching contributions) and financial education and counseling resources. Our generous paid time off program in Canada includes holidays vacation personal and sick days and we offer the full range of statutory leaves of absence. If you are applying for this role in the U.S. please contact for more information about U.S.-specific paid time off provisions.

We use data and analytics technologies such as artificial intelligence (AI) and automated processing tools to analyze and process the information you provide to us or third parties in the application process. For more information please refer to our personal information collection statement.