Description:
Manulife is hiring a Manager, Information Risk Management to lead Risk Control Self Assessments (RCSA) and risk governance across technology, data, and information/operational risk. Reporting to the Director, IRM, this first-line role oversees risk execution and control operations aligned to Manulife’s risk appetite, standards, and regulatory expectations.
The manager will act as a trusted advisor to functional risk teams, centers of excellence, and senior technology/data leaders—driving effective control design, monitoring, issue remediation, and clear risk reporting to enable informed decisions and strong governance.
Position Responsibilities
- Perform internal control testing for RCSA, Informational, and Operational Risk and Resilience Oversight, regulatory, and audit activities
- Design and implement new controls; test design and operating effectiveness
- Coordinate research and responses for completeness, data analytics, compliance monitoring, internal reviews, regulatory requirements, and external audits
- Analyze processes and controls using data analytics to identify gaps, trends, and remediation needs
- Recommend system enhancements and operational improvements to increase efficiency and strengthen risk governance
- Troubleshoot and resolve complex operational and control-related issues
- Drive continuous improvement of business processes and controls
- Act as an internal SME for escalations, consulting, and problem-solving
- Provide governance over issue resolution and corrective actions
- Ensure integrity of processing and workflows through cross-department collaboration
- Maintain and manage the department’s procedures and documentation library, ensuring accuracy and currency
Required Qualifications
- 6–10+ years of experience in Information Risk, Technology Risk, Cyber Risk, GRC, or Operational Risk.
- Experience performing independent L1B oversight or audit-style review activities.
- Strong understanding of technology, data, cloud, infrastructure, and operational resilience risks.
- Ability to evaluate complex risk scenarios.
- Experience with risk programs (RCSA, third‑party risk, issues, incidents, BC/DR, change risk).
- Familiarity with GRC platforms such as Archer, ServiceNow, or Fusion.
- Knowledge of regulatory frameworks and standards (ISO, NIST, COBIT, CSA/CCM, OSFI, etc.).
- Exposure to Generative AI, Agentic AI, automation tools, or continuous monitoring technologies.
When You Join Our Team
- We’ll empower you to learn and grow the career you want.
- We’ll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
- As part of our global team, we’ll support you in shaping the future you want to see.