Job Title

We are seeking an expert Senior Cybersecurity Specialist to strengthen our Cyber, Security, Risk & Controls (CSRC) organization. In this role, you will help establish and maintain cybersecurity governance frameworks, assess emerging threats, evaluate vulnerabilities, and ensure compliance with organizational standards and regulatory requirements. You will work closely with engineering, product, and risk partners to guide secure development practices and improve our overall security posture. This position is essential to maintaining continuity in our cybersecurity operations following the departure of the previous role holder. Position Responsibilities Support the development, implementation, and continuous improvement of cybersecurity governance frameworks, risk methodologies, and compliance processes. Conduct penetration testing, code scanning, threat modeling, vulnerability assessments, and prioritize remediation based on risk levels and business impacts. Configure, validate, and optimize SAST, DAST, and SCA tools (e.g., Veracode, Snyk, SonarQube, BurpSuite) to ensure highquality results and actionable insights. Lead security assessment intake, triage, documentation, and reporting activities, collaborating with technical teams to implement corrective actions. Communicate risk findings, governance improvements, KPIs, and KRIs to senior leaders, and contribute to executivelevel dashboards and risk reporting. Required Qualifications Strong understanding of information security controls, vulnerability management, and risk management frameworks such as NIST CSF and ISO 27001/27002. Proficiency with security tools including SIEM, IDS/IPS, endpoint protection, vulnerability scanners, and application security testing platforms. Experience with cybersecurity assessment frameworks (OWASP, PTES, OSSTM) and penetration testing techniques. Strong analytical and reporting skills, including experience with data visualization tools (Power BI, Tableau). Excellent written and verbal communication skills, with the ability to convey risks and recommendations to both technical and business stakeholders. Preferred Qualifications Industryrecognized cybersecurity certifications such as CISSP, CSSLP, OSCP, or equivalent. Experience with ServiceNow Security Operations, Archer GRC, and cloud security (Azure, AWS). Knowledge of regulatory requirements related to cybersecurity and technology risk management. Ability to collaborate effectively in Agile/DevOps environments with crossfunctional teams. Experience developing executive dashboards, KPIs, and KRIs for cybersecurity and risk reporting. When You Join Our Team Well empower you to learn and grow the career you want. Well recognize and support you in a flexible environment where wellbeing and inclusion are more than just words. As part of our global team, well support you in shaping the future you want to see. https://www.manulife.co.jp/ / / [email protected] Referenced Salary Location Toronto, Ontario Working Arrangement Salary range is expected to be between $113,000.00 CAD - $163,000.00 CAD. If you are applying for this role outside of the primary location, please contact [email protected] for the salary range for your location. The actual salary will vary depending on local market conditions, geography and relevant jobrelated factors such as knowledge, skills, qualifications, experience, and education/training. Employees also have the opportunity to participate in incentive programs and earn incentive compensation tied to business and individual performance. Manulife offers eligible employees a wide array of customizable benefits, including health, dental, mental health, vision, short- and longterm disability, life and AD&D insurance coverage, adoption/surrogacy and wellness benefits, and employee/family assistance plans. We also offer eligible employees various retirement savings plans (including pension and a global share ownership plan with employer matching contributions) and financial education and counseling resources. Our generous paid time off program in Canada includes holidays, vacation, personal, and sick days, and we offer the full range of statutory leaves of absence. If you are applying for this role in the U.S., please contact [email protected] for more information about U.S.-specific paid time off provisions. #J-18808-Ljbffr