Business Exp Plan & Admin Spec Sr. collaborating with cross - functional teams for PNC's Enterprise Technology & Security Organization. Delivering business planning processes and value - add opportunities while managing projects across physical security.
About the role
- Director of Cybersecurity Risk Oversight at Manulife responsible for cybersecurity governance, risk assessment, and policy development. Collaborate with multidisciplinary teams to ensure compliance with strategic objectives.
Responsibilities
- Lead the independent oversight of cybersecurity risks, ensuring robust alignment with Manulife’s standards and strategic objectives.
- Provide expert guidance to uphold the integrity of the cybersecurity framework.
- Collaborate with multidisciplinary teams to gain a comprehensive understanding of Manulife’s technology strategy, operations, and regulatory environment.
- Proactively identify and assess areas of emerging and heightened risk related to information and cybersecurity.
- Evolve and enhance Line 2 oversight frameworks to effectively manage and mitigate risks associated with information and cybersecurity, ensuring these frameworks remain agile and responsive to new challenges.
- Oversee Line 1 risk, compliance, and operational metrics, and actively participate in the development and maintenance of Line 2’s information and cybersecurity risk measurement programs.
- Ensure these metrics are comprehensive and support strategic risk management initiatives.
- Conduct comprehensive and in-depth assessments of technology programs, particularly those with third-party dependencies, to ensure the safeguarding of organizational assets.
- Utilize advanced risk assessment methodologies to identify vulnerabilities and implement effective mitigation strategies.
- Execute independent and objective challenges to existing cybersecurity measures across critical risk domains, including Identity & Access Management, Cloud Security, Network Security and Data Security.
Requirements
- 7-10 years in cybersecurity or technology risk management and/or First Line cybersecurity operations
- Experience with critical security risk domains such as cloud security, network security, identity and access management, and third-party security
- Commitment to continuous learning of cybersecurity risks, threat landscape, and best practices, with a focus on effective and efficient governance and oversight
- Experience in developing enterprise policies & standards, conducting risk assessments, and a strong understanding of common risk frameworks, such as NIST Cybersecurity Framework and 800-53, ISO 27001/27002, and PCI DSS 4.0
- Ability to work cross-functionally, aligning risk management with broader business strategies
- Excellent verbal and written communication skills, with a focus on technical writing. Must be able to effectively convey complex risk concepts and insights to senior leadership and business collaborators.
- Skilled in crafting clear and concise reports, presentations, and documentation to facilitate informed decision-making
- Expertise in engaging with diverse collaborators to integrate their feedback into risk management practices
- Ability to effectively manage crises related to cybersecurity risks, demonstrating resilience and adaptability
- Keen interest in emerging technologies and innovations, with the ability to assess potential risks and opportunities.
Benefits
- health, dental, mental health, vision, short- and long-term disability, life and AD&D insurance coverage
- adoption/surrogacy and wellness benefits
- employee/family assistance plans
- various retirement savings plans (including pension and a global share ownership plan with employer matching contributions)
- financial education and counseling resources
- generous paid time off program in Canada (including holidays, vacation, personal, and sick days)
- full range of statutory leaves of absence
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Cloud Security Engineer focused on protecting Shipt applications and guiding engineering teams in cybersecurity best practices. Designing, developing, and maintaining secure security systems in a hybrid environment.
Construction Site Superintendent overseeing construction projects for Johnson Controls, ensuring timely completion and adherence to project scope, budget, and schedule. Collaborating with teams and managing site activities in the United States.
Senior Security Architect providing security consulting and risk assessment at The Missing Link. Leading initiatives in security architecture and technology risk support within a hybrid work environment.
Apprentice Fire and Security Engineer installing, commissioning, and maintaining electronic protection systems for Johnson Controls. Collaborating in a team - based environment and gaining hands - on experience in fire and security technology.
Teaching and research role in Cybersecurity and AI at De Vinci School. Engaging in course design and research projects in a collaborative academic environment.
Data Protection Security Engineer at Fiserv designing, implementing, and maintaining cybersecurity solutions. Collaborating with teams to safeguard client information and ensure regulatory compliance.
Senior Manager IAM Metric Insights managing metrics and performance in Identity and Access Management. Delivering insights and reporting to enhance security posture for RBC's Global Security team.
HSE Technician I in TechnipFMC's HSE team promoting and supporting an HSE culture. Assisting with investigations, conducting audits, and maintaining safety documentation.
Information Security Officer creating security policies and managing security teams to protect Paytient. Collaborating with internal and external teams to ensure compliance and security posture.