Search by job, company or skills

Manulife Data Services, Inc

Information Risk Manager

Manulife Data Services, Inc
Quezon City
6-10 Years
new job description bg glownew job description bg glownew job description bg svg
  • Posted 16 hours ago
  • Be among the first 10 applicants
Early Applicant
Quick Apply

Job Description

Manulife is seeking a Manager, Information Risk Management to lead the execution of independent second line challenge and oversight activities across technology, data, and operational risk. Reporting to Director, IRM, IRO, this role provides analysis, challenge, and governance scrutiny to ensure first line risk practices meet Manulife's risk appetite, standards, and regulatory expectations.

The Manager provides expert-level independent oversight (not operational ownership) across:

Key Responsibilities:

Risk & Control Self-Assessments (RCSAs)

  • Perform deep‑dive reviews of RCSAs across technology, data, and operations.
  • Challenge the accuracy of risk identification, inherent/residual ratings, and control assertions.
  • Identify under‑assessed risks, inadequate controls, or inconsistencies across assessments.

Third‑Party / Vendor Technology Risk

  • Challenge first‑line due diligence results, inherent risk scoring, and compensating controls.
  • Evaluate adequacy of vendor oversight for cloud, SaaS, critical providers, and high‑risk technology services.
  • Provide second‑line opinion on residual risk and required mitigation.

Initiative & Change Risk Oversight

  • Review major programs, platform changes, and technology transformations for risk impact.
  • Challenge assumptions around control design, architecture changes, and implementation risk.
  • Assess adequacy of first‑line mitigation plans for risks introduced by new solutions.

Reportable Events & Incident Oversight

  • Review incident documentation, severity classification, and root‑cause analysis.
  • Challenge the completeness of event investigations and recurrence prevention plans.
  • Identify thematic trends across events for reporting to senior leadership.

Issue Management (Risk Acceptances & Corrective Action Plans)

  • Challenge the validity and appropriateness of first‑line risk acceptances.
  • Evaluate corrective action plans for feasibility, urgency, and expected risk reduction.
  • Validate CAP closure evidence from a second‑line perspective.

BCM, DR & Critical Operations Oversight

  • Independently review business continuity plans, disaster recovery testing outcomes, and resilience maturity.
  • Challenge critical operations classification, recovery objectives, and testing sufficiency.
  • Identify gaps requiring escalation or thematic risk reporting.

Data Analysis & Second-Line Risk Insights

  • Conduct advanced analysis of enterprise risk datasets (issues, events, assessments, controls, testing).
  • Identify emerging risk themes, systemic control weaknesses, or concentration risk.
  • Produce decision‑grade risk intelligence and oversight insights for Directors, AVPs, and executives.
  • Support the development of consolidated second‑line opinions for senior governance forums.

Automation, Generative AI & Agentic AI Enablement

  • Leverage Generative and Agentic AI to enhance oversight efficiency, evidence review, and thematic analysis.
  • Support adoption of automated workflows, continuous monitoring, and AI‑based risk detection.
  • Assess the reliability and explainability of AI‑generated insights used for second‑line challenge.
  • Identify opportunities to increase automation maturity within risk oversight processes.

Stakeholder Engagement

  • Serve as a trusted advisor to directors, AVPs, first‑line technology leaders, and centers of excellence.
  • Communicate second‑line challenge outcomes with clarity, evidence, and constructive business engagement.
  • Influence senior stakeholders while maintaining second‑line independence and objectivity.
  • Represent second‑line viewpoints in assessments, risk discussions, and governance forums.

Required Qualifications

  • 6–10+ years of experience in Information Risk, Technology Risk, Cyber Risk, GRC, or Operational Risk.
  • Experience performing independent second‑line oversight or audit-style review activities.
  • Strong understanding of technology, data, cloud, infrastructure, and operational resilience risks.
  • Ability to evaluate complex risk scenarios and form well‑supported second‑line opinions.
  • Experience with risk programs (RCSA, third‑party risk, issues, incidents, BC/DR, change risk).
  • Familiarity with GRC platforms such as Archer, ServiceNow, or Fusion.
  • Knowledge of regulatory frameworks and standards (ISO, NIST, COBIT, CSA/CCM, OSFI, etc.).
  • Exposure to Generative AI, Agentic AI, automation tools, or continuous monitoring technologies.
Spotlight
  • Cafeteria, Joining goodies, Maternity leaves, Annual leaves, Rewards & recognition, Course reimbursements, Professional degree assistance, Stock options, Health & insurance, Life insurance, Mental health wellbeing

Bachelors/ Degree

More Info

Job Type:
Permanent Job
Industry:
Financial Services, Insurance
Role:
Other Roles
Function:
Others
Employment Type:
Full time
Open to candidates from:
Philippines/Filipino

Job ID: 145519225

Jobs by Skill - IT
Jobs by Skill - Non IT
Jobs By Industry
International Jobs
Last Updated: 08-04-2026 00:53:08 AM
Homejobs in Quezon CityInformation Risk Manager

Similar Jobs

Infosec Delivery Consultant - US

Algo-app Digital Private Limited

Information Risk Management Director

Manulife

Internal Audit Manager (Manila)

Copeland Supply
C

VP, Head of Software Development

drake international philippines
D

Data Engineer-Data Integration

IBM
I