Manulife is seeking a Director, Information Risk Management to lead and oversee the execution of independent second‑line challenge and oversight across technology, data, operational resilience, and enterprise risk programs. Reporting directly to the AVP, Information Risk Officer for Group Functions, this role has full accountability for delivery, quality, and execution of all second-line oversight activities performed by the team.
This role ensures all assessments and oversight outputs adhere to second‑line expectations, risk governance standards, and Manulife's risk appetite—while providing high‑quality risk insights to senior stakeholders.
Position Responsibilities:
- Lead and improve second line challenge across technology, data, and operational risk.
- Challenge first line risk assessments, controls, remediation, and risk acceptances.
- Provide clear, evidence‑based second line risk opinions and escalate material issues.
- Oversee review and challenge of RCSAs, vendor risks, major initiatives, and incidents.
- Ensure quality challenge of risk acceptances, corrective action plans, and resilience controls (BCM/DR).
- Direct a team of managers and analysts to deliver timely, high‑quality oversight work.
- Review and approve all second line deliverables to ensure accuracy, consistency, and standards alignment.
- Lead thematic risk analysis and deliver dashboards, reports, and executive‑level insights.
- Champion automation, Generative AI, and continuous monitoring tools within oversight processes.
- Engage senior stakeholders, communicate challenge outcomes clearly, and represent second line in governance forums.
- Ensure timely delivery of oversight commitments and support improved enterprise risk posture.
Required Qualifications:
- 10–12+ years of experience in Information Risk, Technology Risk, Cybersecurity, Operational Risk, or GRC.
- Strong experience leading second‑line or audit-style oversight programs across global enterprises.
- Proven ability to deliver complex, multi‑domain oversight programs with accountability for quality and timeliness.
- Ability to lead blended teams (onshore and offshore) through influence, guidance, and technical direction.
- Deep knowledge of cloud, infrastructure, data platforms, resilience, and enterprise IT environments.
- Familiarity with regulatory frameworks (ISO, NIST, COBIT, CSA/CCM, OSFI, etc.).
- Experience with Generative AI, automation workflows, or continuous control monitoring tools is preferred.
- Excellent communication, risk judgment, and stakeholder engagement skills.
When you join our team:
- We'll empower you to learn and grow the career you want.
- We'll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
- As part of our global team, we'll support you in shaping the future you want to see.
