Are you looking for unlimited opportunities to develop and succeed? With work that challenges and makes a difference, within a flexible and supportive environment, we can help our customers achieve their dreams and aspirations.
Does rapid iteration, experimentation and curiosity fuel your purpose? Do you want to be part of our mission to make decisions easier and lives better for our customers and employees?
Manulife / John Hancock is on a journey to become a customer obsessed, digital leader. We’re transforming and we need you.
This role for Senior Information Security Consultant will manage and execute the application security testing processes including both Dynamic and static application security tests (often referred to as penetration tests and code scans respectively)
It is a critical role in providing assurance that our web and mobile applications are secured from a variety of online and mobile threats. This role supports the organization in its effort to keep our data and our customers secure.
Who are you?
You obsess about customers, seeking ways to listen, engage and act for their benefit
You think big, with a constant curiosity to discover ways to use an agile mindset and enable the business to achieve its outcomes.
You thrive in teams, believing getting it done together drives innovation
You take ownership and build solutions, focusing on what matters
You do what is right, working with integrity and speaking out when needed
You share your humanity, building a diverse and inclusive work environment for everyone
What role will I play?
Working with first line application development teams, ensure DAST and SAST (penetration) tests are executing reliably.
Provide analysis of security risk data, including the completeness and accuracy of the test results.
Work with segment IT support and development teams to interpret results and advise on remediation priorities
Escalate high priority risk findings as appropriate
Support the AVP/VP in terms of providing timely and accurate risk data and reporting to enable KRI/KPI oversight.
Working closely with application development teams, this important role ensures that Manulife’s web applications remain secure from constantly changing online threats. As a key risk advisor to Manulife’s businesses it leverages your relationship management skills and your ability to distill complex and technical risk information into actionable mitigation requirements.
Collaborate with application development teams and owners to identify the vulnerabilities and associated remedies to ensure Manulife web application remains secure.
Bring and continuously build upon knowledge and experience with application development methodologies, frameworks and best practices.
Apply creative problem solving throughout a secure software development life cycle to continuously improve the effectiveness of the end to end process.
Ideate. Test. Learn. Iterate. Bring a flexible, adaptive mindset, comfortable with ambiguity in a rapidly changing technology environment
Be a continuous learner, not only for your own career, but from teams’ successes and failures
Embrace open source communities, both internally and externally, sharing your knowledge across your team and peers.
What you bring:
Preferably holds a bachelor’s degree
Holds relevant Information Security or related Certification such as CISSP, CISM, CISA, GIAC
Minimum 3+ years experience in one or more of the following security domains: Security and Risk Management Asset Security Architecture and Engineering Communications and Network Security Identity and Access Management Security Assessment and Testing Security Operations Software Development Security.
What about Perks?
Manulife has lots of perks including, but not limited to:
Retirement Savings Accounts including a fully funded Pension Plan and a 401(k) plan with company match.
Manulife Share Ownership Program with company match.
Customizable Benefits Package including Health, Dental and Vision.
Generous time off policy.
Financial support for ongoing training, learning, and education
DressSmart flexible work attire policy.
An abundance of career paths and opportunities to advance
This is a full time permanent role located in Toronto, ON or Boston, MA.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
If you are ready to unleash your potential it’s time to start your career with Manulife/John Hancock.
Manulife Financial Corporation is a leading international financial services group that helps people make their decisions easier and lives better. With our global headquarters in Toronto, Canada, we operate as Manulife across our offices in Canada, Asia, and Europe, and primarily as John Hancock in the United States. We provide financial advice, insurance, and wealth and asset management solutions for individuals, groups and institutions. At the end of 2019, we had more than 35,000 employees, over 98,000 agents, and thousands of distribution partners, serving almost 30 million customers. As of December 31, 2019, we had $1.2 trillion (US$0.9 trillion) in assets under management and administration, and in the previous 12 months we made $29.7 billion in payments to our customers.
Our principal operations are in Asia, Canada and the United States where we have served customers for more than 100 years. We trade as 'MFC' on the Toronto, New York, and the Philippine stock exchanges and under '945' in Hong Kong.
Manulife is an equal opportunity employer. We strive to attract, develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention and advancement and we administer all of our practices and programs based on qualification and performance and without discrimination on any protected ground.
It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will consult with applicants contacted to participate at any stage of the recruitment process who request any accommodation. Information received regarding the accommodation needs of applicants will be addressed confidentially.