Manager, Application Security

Manager, Application Security

Manulife (International) Limited - Selen Chan
Not Specified
Not Specified

Job Description

Are you looking for a supportive, collaborative workplace with great teams and inspiring leaders You've come to the right place. We're looking for ambitious people who share our values and want to make every day better for people around the world. If this sounds like you, and the career below sounds exciting, we'd like to hear from you.
Job Description
The Opportunity
Thispositionreports directly to theregionalAsiaIT Protectionlead, within the Asia Information Security and Controls Governance team.
The function sits within Manulife'sline 1Bof defense- where we align with leadership to set the risk culture, support IT and Ops in identifying and mitigating risks atscale, andprovide a common view and narrative of key risks to enable business discussions.
Thispositionoversees and supports the key controls governance processes within the first line of defense.Wehelpline 1bbusinessunitsto ensure uninterrupted BAUon a day-to-day basisbyeffectively managingtheirinformation and operational risks.To achieve this, weneed toensure success inmaintaininginternal controls andliaisonwithManulife'sline 2b of defensethat ownsManulifecontrol policies and standards.
What motivates you

  • You obsess about customers, listen, engage and act for their benefit

  • You think big, with curiosity to discover ways to use your agile mindset and enable business outcomes

  • You thrive in teams, and enjoy getting things done together

  • You take ownership and build solutions, focusing on what matters

  • You do what is right, work with integrity and speak up

  • You share your humanity, helping us build a diverse and inclusive work environment for everyone

We are looking for someone with:

  • University graduate with minimum5yearsofexperienceor moreof related technology risk,application security, or information security experience

  • Understandsapplication security vulnerabilities, different application security testing methodologies and related application security tools

  • Technical knowledge of applicationand Datasecurity tools (e.g.DLP, NAC,SAST, DAST, WAF)

  • Knowledgeon the following but not limited to the following technologies and/or security concept: Diverse Hybrid Cloud Computing, Security Automation, API Security, Web application Security Risks, Cloud security controls & technologies, source code/pen-test/vulnerability scanning tools,Devopspipeline, Infrastructure as a code, Kubernetes andContainers

  • Experience in planning, designing and implementing an overall risk management process for a financialorganization

  • Good communication skills and able to work with onshore andoff-shoreteams

  • Pastexperience in Regional roleisadvantageous

  • Holding qualification ofCISA,CISSP,CEHand PMPispreferable

  • Other certifications such as OSCP, OSCE, GIAC Web Application Penetration Tester (GWAPT)willbeanadvantage

On the job you will:

  • Take ownership of the Application security portfolio, helping to drive best practices, conducting security testing (automatic, manual), creating new ways to solve security issues and implemented application security controls basedfromManulife Standard and Policies

  • Day to day duties include testing and validation of vulnerability findings from ExternalPentesters, Security Researchers from Bug Bounty Platforms, provide advisory to the Development teams on how to resolve the vulnerabilities, provide insights and review on Architectural change on the Application

  • SupporttheIT Protectionprogramwith focus on the application securitydomains

  • Interact with thecountry's developers andAppSecchampionsto provide guidance, best practices and technical assistance in addressing application security issues will be part of theresponsibility

  • Provide expertise that ensures key checks and balances are completed to hold the 1LoD toaccount

  • Collaboratively work withapplicationdevelopment /AppSecchampions and guide them to follow thesecurityprocessessetin the SDLC gates

  • Support andprovide guidanceto1LoDon risks mitigation strategiesand remedialactions

  • Workwith stakeholders across the countries to promote consistentIT, Data and Application security best practices,standards and other company-wideinitiatives

  • Manage and update Key Performance Indicators (KPI's)assignedfortheteam

  • Managing monthlyApplication Security meetings and coordinating training for development staff

  • Manage new projects and initiatives as needs ariseand performs related duties as required

Our commitment to you

  • Our mission to be a part of making Decisions Easier and Lives Better

  • A leadership team dedicated to your growth and success

  • A bold ambition and set of goals to be a leader in driving transformation in our industry

  • Our best. Every day.

Learn more about opportunities with us at
Every career at Manulife/John Hancock provides the opportunity to learn new skills and move your career forward. Ready to make an impact somewhere What are you waiting for Apply today.
About John Hancock and Manulife
John Hancock is a unit of Manulife Financial Corporation, a leading international financial services group that helps people make their decisions easier and lives better. We operate primarily as John Hancock in the United States, and Manulife globally, including Canada, Asia and Europe. We provide financial advice, insurance and wealth and asset management solutions for individuals, groups and institutions. Assets under management and administration by Manulife and its subsidiaries were CAD$1.3 trillion (US$1.1 trillion) as of June 30, 2021. Manulife Financial Corporation trades as MFC on the TSX, NYSE, and PSE, and under 945 on the SEHK. Manulife can be found at (
One of the largest life insurers in the United States, John Hancock supports more than 10 million Americans with a broad range of financial products, including (
Manulife is an Equal Opportunity Employer
At Manulife/JohnHancock, we embrace our diversity. We strive to attract,developandretaina workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention,advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin,colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law.
It is our priority to remove barriers toprovideequal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process.All information shared during the accommodation request process will be stored and used in a manner that is consistent withapplicable laws and Manulife/John Hancock policies.To request a reasonable accommodation in the application process, contact [Confidential Information] (mailto:[Confidential Information]).

Job Details

This is a values-led organization where people bring their passions, ambitions, and the full scope of their life experience to work. This makes for a stronger community, culture, and business. Individually and collectively, we are harnessing our potential, and exploring new opportunities we'd never imagined.We're consistently recognized as a top employer. We offer work that challenges and makes a difference within a flexible and supportive environment, so you can help make decisions easier and lives better for our customers.Recent Awards include:Forbes 2020 World's Best EmployersGreater Toronto's Top Employers 2020Canada's Top Employers for Young People 2020Canada's Best Diversity Employers 2020For Manulife/John Hancock's most recent jobs sent directly to your inbox, please create an account/ sign in and click on ‘Job Alerts' in the top right corner of the page to sign up.

Similar Jobs

Career Advice to Find Better