Senior Manager-Vendor Information Security Management - Tokyo, 日本 - Company 180 - Manulife Life Insurance Company (Japan)

    Company 180 - Manulife Life Insurance Company (Japan)
    Company 180 - Manulife Life Insurance Company (Japan) Tokyo, 日本

    1週間前

    Default job background
    フルタイム
    説明

    Description

    The Opportunity

    The incumbent will be responsible for standing up the Asia Third-Party shared service team and ensuring that Information Security assessments and reassessments of Third-Party relationships are performed as needed where sensitive data is in scope for Japan. These risk assessments will include the review of complex contractual requirements for third parties and are regularly updated (in conjunction with Information Risk peers and legal) depending on risk/regulatory climate. The incumbent will be responsible for conducting site visits (both virtual and in person). The role develops key partnerships with executive leadership and their staff to facilitate positive change. The incumbent is considered an information risk subject matter expert and uses critical thinking and independent decision-making to facilitate core business processes and business objectives from an information risk perspective. The role participates in key projects and initiatives ensuring information risk is always considered and managed appropriately.

    What motivates you?

  • You obsess about customers, listen, engage and act for their benefit.
  • You think big, with curiosity to discover ways to use your agile mindset and enable business outcomes
  • You thrive in teams, and enjoy getting things done together
  • You take ownership and build solutions, focusing on what matters
  • You do what is right, work with integrity and speak up
  • You share your humanity, helping us build a diverse and inclusive work environment for everyone

    • We are looking for someone with:

  • Bachelor's degree in related field
  • 10 to 15 years of relevant work experience,
  • CISA or CRISC certifications
  • Strong vendor management skills
  • Leadership skills managing teams across the region
  • Working knowledge of financial services and technology operation
  • Ability to present to and work with all levels of management
  • Ability to manage high visibility and high risk consequences
  • Proven experience in technology audit, risk and/or compliance
  • Effective communication, presentation, negotiation and influencing skills.
  • Proven ability to quickly and easily adapt to changes within the business and organization.
  • Recommends risk management approaches to business that balance business needs with known risk tolerances
  • Able to explain and bring business specific context to key IRM principles
  • Understands constraints that impact specific operations and decisions in their immediate area, business and/or division
  • Communicates in a manner that is easily understood and actionable
  • Is a powerful influence in a team environment
  • Understands project management, gating processes and project planning
  • Can independently manage work modules within a larger project plan or work breakdown schedule
  • Provides and exhibits an expert understanding of specific technical concepts and solutions

    • On the job you will:

  • Responsible for the Asia IS risk assessments of new and existing vendors in Japan and working with Category Managers in Procurement, BU contacts and contract owners, BU security officers and business continuity analysts.
  • Perform on site visits of vendors as required.
  • Assist in the development, maintenance, and implementation of information risk policies and procedures as well as the monitoring processes and measures to enforce those policies.
  • Contribute to the development of IS risk processes that support Global Information Risk Management objectives.
  • Perform contract reviews working with Legal as appropriate
  • Develop reporting and insights to be used by executives, risk organization (Operational, Information, and Enterprise Risk Management), technology teams, and other key stakeholders.
  • Build relationships with other teams, Audit Services, Global Information Risk Management, BCM, Compliance, Operational Risk Management, and other risk and control groups to develop integrated strategies to manage key areas of risk.
  • Assist and actively participate in the team's plans to achieve goals
  • Participate in frameworks used to measure & report on progress towards the achievement of those goals., providing the utmost transparency.
  • Be part of an active team who remains current on emerging risks and technologies, key developments and strategies for the businesses you support. Keep abreast of new thoughts, tools and approaches.
  • Participate in key projects and initiatives ensuring information risk is always considered and managed.
  • Subject matter expert who assists business partners and IT colleagues to identify, quantify then manage their information security risks.

    • About Manulife and John Hancock

    Manulife Financial Corporation is a leading international financial services group that helps people make their decisions easier and lives better. With our global headquarters in Toronto, Canada, we operate as Manulife across our offices in Asia, Canada, and Europe, and primarily as John Hancock in the United States. We provide financial advice, insurance, and wealth and asset management solutions for individuals, groups and institutions. At the end of 2022, we had more than 40,000 employees, over 116,000 agents, and thousands of distribution partners, serving over 34 million customers. At the end of 2022, we had $1.3 trillion (US$1.0 trillion) in assets under management and administration, including total invested assets of $0.4 trillion (US $0.3 trillion), and segregated funds net assets of $0.3 trillion (US$0.3 trillion). We trade as 'MFC' on the Toronto, New York, and the Philippine stock exchanges, and under '945' in Hong Kong.

    Manulife is an Equal Opportunity Employer