Manager, Governance & Control

We are seeking a Manager, Governance, and Control to join our team within the Governance & Control (G&C) function, which is part of first-line technology operations focused on handling operational risk and is responsible for operationalizing and driving the Global Technology Governance, Risk & Control strategy. G&C aligns with leadership to set the risk culture, supports IT in identifying and mitigating risks end-to-end, and provides an objective view of key risks to enable business decisions. G&C also provides processes, data, skilled resources, and insight to supervise accountability and enable risk-based decisions. The function is responsible for measuring performance against required requirements that come from the company’s Policies & Standards, Regulatory and Contractual obligations and providing an enterprise view of the operational risk posture.

Reporting to the Director, Global Technology Governance & Control, the successful candidate will be responsible for leading risk and control assessment activities including the annual SOX compliance program.

Key Responsibilities:

SOX Compliance Monitoring:

• Supervise materiality decisions for their impact on IT controls.

• Update control procedures and frameworks to reflect changes in required controls.

• Coordinate walkthrough and testing schedules with key collaborators.

• Maintain process documentation, coordinate evidence collection, and lead walkthroughs for Entity Level Controls related to IT.

• Coordinate kickoff meetings within IT, internal audit, external auditors, and control owners.

• Raise delays in evidence requests and support resolution efforts.

Issue Management and Reporting:

• Conduct root cause analysis of issues with key collaborators to address common and repetitive issues.

• Report on progress related to resolving issues and corrective action plans.

• Report and supervise updates made to control inventories in the system of record.

• Handle the yearly IT SOX plans submitted by collaborators and supervise important checkpoints.

• Handle the IT SOX Operational Forum with collaborators.

• Own the IT SOX collaboration site.

Performance Measurement and Training:

• Establish key performance indicators to supervise progress, measure, and report results.

• Establish a training program for new IT SOX leads and deliver as vital.

• Design and communicate program requirements for planning, coordination, issue remediation, and reporting.

• Update the weekly and monthly Global Governance & Control reports.

• Debrief on annual results and provide recommendations for improvement.

Risk and Control Assessment:

• Lead information security, technology risk management activities within the G&C function.

• Monitor, analyze and report key risks, issues and control gaps to relevant collaborators.

• Participate in change reviews on Operational, Information and Technology Risk related policies and standards and assist in developing awareness programs, standard methodologies, and planning for change management activities that would help the First-Line Technology function to align with the requirements.

• Monitor, track and report on non-compliance and assist in planning and implementing risk and control remediation activities.

Key Qualifications:

• Minimum 5-8 years of dynamic leadership in Information Security, Business Resiliency, or Technology Risk Strategy & Governance functions within a large enterprise preferably operating in Banking, Financial Services or Insurance domain.

• University Degree in Technology, Business, Risk Management, Auditing or related field.

• Previous Technology/Cyber Risk advisory consulting experience is an advantage.

• Solid understanding of the Sarbanes-Oxley Act of 2002, COSO Principles on Internal Controls.

• Prior experience as a program manager within a technology function.

• Relevant industry-leading certifications such as PMP, PRINCE2, PMI-ACP, CPM, or MPM is an asset.

• Relevant risk management certifications such as CISSP, CISA, CRISC, ISO-27001 Lead Auditor or equivalent are highly preferred.

• Prior experience in leading or supporting technology, cyber and privacy related risk assessments and audits

• Familiarity with SOC1, SOC2, ISO-27001 and similar audit reports and related CSAE-3416/ISAE 3402/SSAE-18 standard requirements are an asset.

• Familiarity with Archer GRC tool, JIRA, Power-BI reporting, and ServiceNow is preferred.

Key Competencies:

• Strong leadership, communication, presentation, consulting, decision-making, and influencing skills.

• Strong partner management and alignment skills.

• Strong time management and organizational skills to lead multiple tasks and changing priorities with tight deadlines.

• Strong analytical skills with the ability to collect, organize, analyze, and disseminate significant amounts of information with attention to detail and accuracy.

• Ability to summarize and articulate information on issues, concerns, problems and themes, and make presentations that would appeal to varied collaborators including C-Level management, Auditors, Peers, First-Line Technology and G&C function leads.

• Ability to work independently and collaboratively.

Working Conditions:

• Flexibility in working hours to collaborate with colleagues in different time zones.

When you join our team:

• We’ll empower you to learn and grow the career you want

• We’ll recognize and support you in a flexible environment where well-being and inclusion are more than just words.

• As part of our global team, we’ll support you in shaping the future you want to see.

What motivates you?

• You obsess about customers, listen, engage and act for their benefit.

• You think big, with curiosity to discover ways to use your agile approach and enable business outcomes.

• You thrive in teams and enjoy getting things done together.

• You take ownership and build solutions, focusing on what matters.

• You do what is right, work with integrity and speak up.

• You share your humanity, helping us build a diverse and inclusive work environment for everyone.

What can we offer you?

• A competitive salary and benefits packages.

• A growth trajectory that extends upward and outward, encouraging you to follow your passions and learn new skills.

• A focus on growing your career path with us.

• Flexible work policies and strong work-life balance.

• Professional development and leadership opportunities.

Our commitment to you

Values-first culture: We lead with our Values every day and bring them to life together.

Boundless opportunity: We create opportunities to learn and grow at every stage of your career.

Continuous innovation: We invite you to help redefine the future of financial services.

Delivering the promise of Diversity, Equity and Inclusion: We foster an inclusive workplace where everyone thrives.

Championing Corporate Citizenship: We build a business that benefits all partners and has a positive social and environmental impact.

À propos de Manuvie et de John Hancock

La Société Financière Manuvie est un chef de file mondial des services financiers qui aide les gens à prendre leurs décisions plus facilement et à vivre mieux. Pour en apprendre plus à notre sujet, rendez vous à l’adresse www.manuvie.com.

Manuvie est un employeur qui souscrit au principe de l’égalité d’accès à l’emploi

À Manuvie/John Hancock, nous embrassons notre diversité. Nous nous efforçons d’attirer, de perfectionner et de maintenir un effectif qui est aussi varié que nos clients, et de favoriser la création d’un milieu de travail inclusif qui met à profit la diversité de nos employés et les compétences de chacun. Nous nous engageons à assurer un recrutement, une fidélisation, une promotion et une rémunération équitables, et nous administrons toutes nos pratiques et tous nos programmes sans discrimination en raison de la race, de l’ascendance, du lieu d’origine, de la couleur, de l’origine ethnique, de la citoyenneté, de la religion ou des croyances ou des convictions religieuses, du genre (y compris grossesse et affection liée à une grossesse), de l’orientation sexuelle, des caractéristiques génétiques, du statut d’ancien combattant, de l’identité de genre, de l’expression de genre, de l’âge, de l’état matrimonial, de la situation de famille, d’une invalidité ou de tout autre motif protégé par la loi applicable.

Nous nous sommes donné comme priorité d’éliminer les obstacles à l’accès égalitaire à l’emploi. C’est pourquoi un représentant des Ressources humaines collaborera avec les candidats qui demandent une mesure d’adaptation raisonnable pendant le recrutement. Tous les renseignements communiqués pendant le processus de demande de mesures d’aménagement seront stockés et utilisés conformément aux lois et aux politiques applicables de Manuvie/John Hancock. Pour demander une mesure d’aménagement raisonnable dans le cadre du recrutement, écrivez à recruitment@manulife.com.

Région principale

Semaine de travail comprimée

L’échelle salariale devrait se situer entre

Si vous posez votre candidature à ce poste en dehors de la région principale, veuillez écrire à recruitment@manulife.com pour obtenir l’échelle salariale correspondant à votre région. Le salaire varie en fonction des conditions du marché local, de la géographie et de facteurs pertinents liés au poste telles les connaissances, les compétences, les qualifications, l’expérience et l’éducation ou la formation. Les employés ont également la possibilité de participer à des programmes de motivation et de toucher une rémunération incitative liée au rendement de l’entreprise et au rendement individuel.

Manuvie offre aux employés admissibles une vaste gamme d’avantages sociaux personnalisables, notamment une assurance soins médicaux, soins dentaires, santé mentale, soins de la vue, invalidité de courte et de longue durée, assurance vie et assurance DMA, assurance adoption, de maternité de substitution et de soins médicaux non urgents ainsi que des programmes d’aide aux employés et leur famille. Nous proposons également aux employés admissibles différents régimes d’épargne-retraite (y compris des régimes de rente et un programme international d’actionnariat assortie de cotisations patronales de contrepartie) ainsi que des ressources en matière d’éducation et de conseils financiers. Notre généreux programme de congés rémunérés au Canada comprend les jours fériés, les congés annuels, les congés personnels et les congés de maladie, et nous offrons toute la gamme des congés autorisés prévus par la loi. Si vous posez votre candidature à ce poste aux États-Unis, veuillez écrire à recruitment@manulife.com pour obtenir de plus amples renseignements sur les dispositions relatives aux congés rémunérés spécifiques aux États-Unis.