Director, Business Unit Security Officer

About The Position

Requirements

• 10+ years in information security and risk management, including 5+ years in leadership roles.
• Bachelor’s degree in Information Security, Computer Science, or related field (or equivalent experience).
• Professional certifications: CISSP, CISM, CRISC (or equivalent).
• Deep understanding of security and risk management frameworks (ISO 27001, NIST, COBIT) and relevant regulations (e.g., GDPR, SOX).

Nice To Haves

• Deep technical knowledge and hands-on experience in: Cloud and network security Cryptography and key management Identity and Access Management (IAM) Application security (SDLC, SAST/DAST, threat modeling)
• Experience working in Agile/DevOps environments and integrating security into CI/CD.
• Superb communication, consulting, and influencing skills; ability to tailor messages to technical and executive audiences.
• Strategic problem solver with analytical and innovative capabilities; proactive approach to issue remediation.
• Skilled in customer management, alignment, and cross-functional collaboration.
• Ability to foster a culture of security awareness across the Canadian segment.
• Good interpersonal skills for engaging diverse communities and executive customers.

Responsibilities

• Conduct formal risk assessments for technology systems and infrastructure (e.g., NIST RMF).
• Identify compliance gaps, enforce security policies/standards, and drive timely remediation.
• Integrate security into workflows by partnering with technology teams (Agile/DevOps) and platform teams.
• Partner on RCSA initiatives to align with corporate and regulatory requirements.
• Manage audits, regulatory reviews, and second line of defense queries; provide evidence and mitigation plans.
• Define, track, and report remediation programs and corrective actions to meet regulatory requirements and global standards.
• Review, update, and socialize security policies, patterns, and guardrails across the organization.
• Offer consulting expertise to Business Unit Technology leaders to align with global security objectives.
• Represent the Canadian division in global security planning and standards.
• Maintain awareness of projects/initiatives impacting security posture and proactively influence design.
• Build strategic partnerships with counterparts in technology, business and global cybersecurity team; raise awareness of emerging cyber threats specific to their operations.
• Build deep knowledge of the Canadian segment and BUs’ or equivalent experience business processes and products to tailor risk mentorship.
• Report important metrics, control effectiveness, and risk posture; maintain customer dashboards and briefings.
• Continuously refine processes based on industry trends, threat intelligence, and audit findings.
• Delegate, lead, and mentor teams with the autonomy needed to facilitate decision-making.

Benefits

• We’ll empower you to learn and grow the career you want.
• We’ll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
• As part of our distributed team, we’ll support you in shaping the future you want to see.
• Manulife offers eligible employees a wide array of customizable benefits, including health, dental, mental health, vision, short- and long-term disability, life and AD&D insurance coverage, adoption/surrogacy and wellness benefits, and employee/family assistance plans.
• We also offer eligible employees various retirement savings plans (including pension and a global share ownership plan with employer matching contributions) and financial education and counseling resources.
• Our generous paid time off program in Canada includes holidays, vacation, personal, and sick days, and we offer the full range of statutory leaves of absence.
• incentive programs and earn incentive compensation tied to business and individual performance.