Manager / Senior Manager, Technology Audit Manulife
Boston, MA

Job Description

Are you looking for unlimited opportunities to develop and succeed? With work that challenges and makes a difference, within a flexible and supportive environment, we can help our customers achieve their dreams and aspirations.

Job Description

The Manager - North America Segment Technology, Audit Services is accountable for the delivery of audit projects as part of a high quality, professional, cost-effective, value-added and risk-based internal audit practice. Possible projects include those across a variety of areas in the enterprise, including but not limited to technology groups serving our businesses in Canadian Segment, John Hancock, Global Wealth & Asset Management (GWAM), Group Functions (GF) and the Global Data Office (GDO).

Audit Delivery and Oversight

* Plan and execute audits and special audit projects to objectively evaluate the effectiveness of key controls and adequacy of risk management practices; collaborating with management to obtain a consensus on establishing the problem, risks exposure; produce meaningful audit reports that clearly articulate the position on risks and related issues, while meeting Audit Services operational targets related to budget, timeline and quality of execution
* Plan and execute audit work as part of annual Technology Application and Infrastructure GCC SOX efforts in collaboration with Technology Management, SOX PMO and COEs and external audit
* Perform integrated/cross functional audits in partnership with groups across Audit Services to provide comprehensive reporting on risks that could prevent the achievement of management's objectives
* Provide management with timely recommendations that reduce risk, help them run their business better, make strategic and operational decisions, and oversee management of risks and controls;

Stakeholder Management

* Managing and communicating expectations regarding work deadlines and deliverables
* Providing relevant stakeholders with an overview of audit work and commentary on the control environment, including trends and emerging issues that could impact the Company
* Collaborate effectively with divisional and global stakeholders in Technology and Information Risk Management; leverage second line of defense activities to execute on deliverables
* Establishing a high level of credibility and building professional relationships with stakeholders responsible for Technology across all Segments and Global Functions in North America

Skills

* Knowledgeable about cybersecurity concepts including security operations, version control tools, secure code development, code scanning, code reviews, application penetration testing, vulnerability management, DLP, SIEM, security engineering, cryptography, cloud security, security architecture, cyber threat intelligence, Azure, AWS, virtualization
* Knowledgeable about network security concepts and tools including network access controls, intrusion detection and prevention, central authentication, network penetration testing.
* Knowledgeable about infrastructure technology including operating systems, databases, active directory, firewalls, routers, switches, information risk management, vendor management, ethical hacking tools and toolsets Qualys, Splunk, Netskope, Zscaler, Nmap, Kali Linux.
* Knowledgeable about IT general control concepts, such as, access security, change management, incident management, asset and configuration management.

Job Requirements

* Exceptional communications judgement and the ability to communicate clearly and succinctly to effectively deliver key messages verbally and in writing and to listen and consider various perspectives; confident presentation and facilitation skills and strong interpersonal and leadership skills to facilitate working with senior management at all levels
* Relevant post-secondary education or equivalent experience, plus a recognized auditing (e.g. CA, CPA, CISA) or security (e.g. CISSP, CISM, CEH) designation/certification or equivalent experience
* Experience working in a client-facing, matrix, project-based organization is preferred; typically gained through prior audit, advisory, consulting, or public accounting experience in a "Big Four" or other professional services firm, or other large organizations
* Ability to quickly understand business processes and risks, identify key controls, analyze complex situations, reach appropriate conclusions, make value-added and practical recommendations and influence management to take appropriate actions on recommendations
* In-depth knowledge of audit methodologies, project management and system development methodologies (including Agile), control frameworks and risk management practices, and regulatory requirements; Exceptional understanding of how technology supports business strategies, the latest technology and cyber security trends, best practices and industry standards; excellent working knowledge of risks affecting financial institutions and insurance industry
* Experience working with external auditors (Statutory Audit, SOX, SOC 1 and 2 engagements) effectively and helping technology management understand the impacts is preferred
* Previous people management experience preferred, with the ability to lead and motivate a team of professionals in a new and rapidly changing environment to deliver with timeliness and quality
* Results oriented with a keen focus on quality and delivering value; ability to balance multiple priorities and projects; strong attention to detail while retaining focus on the "big picture" and top risks; flexible and organized with the ability to oversee multiple projects concurrently
* Excellent influencing, relationship building and negotiation skills; professional presence, ability to navigate a matrix environment and influence across different areas and levels of management both in Audit Services and Technology
* Demonstrated ability to work effectively in diverse environments and cultures, over multiple office locations
* Ability to identify opportunities to utilize data analytics for enhanced depth and breadth of audit coverage
* Highest level of integrity accompanied by strong ethical principles

Organizational Assumptions

* Manage individuals on an engagement by engagement basis (across locations, primarily in Boston and Toronto)
* Manage relationships with senior management and external auditors
* All types of audits may be performed such as: technology, project, integrated audits as well as the assistance with the annual external audit and other projects
* Special work may be performed as determined by department priorities
* May need to travel within North America

If you are ready to unleash your potential it's time to start your career with Manulife/John Hancock.

About Manulife

Manulife Financial Corporation is a leading international financial services group that helps people make their decisions easier and lives better. We operate primarily as John Hancock in the United States and Manulife elsewhere. We provide financial advice, insurance, as well as wealth and asset management solutions for individuals, groups and institutions. At the end of 2018, we had more than 34,000 employees, over 82,000 agents, and thousands of distribution partners, serving almost 28 million customers. As of March 31, 2019, we had over $1.1 trillion (US$849 billion) in assets under management and administration, and in the previous 12 months we made $29.4 billion in payments to our customers.

Our principal operations in Asia, Canada and the United States are where we have served customers for more than 100 years. With our global headquarters in Toronto, Canada, we trade as 'MFC' on the Toronto, New York, and the Philippine stock exchanges and under '945' in Hong Kong.

Manulife is an equal opportunity employer. We strive to attract, develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention and advancement and we administer all of our practices and programs based on qualification and performance and without discrimination on any protected ground.

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will consult with applicants contacted to participate at any stage of the recruitment process who request any accommodation. Information received regarding the accommodation needs of applicants will be addressed confidentially.