Manulife

Information Security Analyst

Manulife

full-time

Posted on:

Location Type: Hybrid

Location: ManilaPhilippines

Visit company website

Explore more

AI Apply
Apply

Tech Stack

AzureServiceNow

About the role

  • Perform information risk assessments in compliance with the global Information Risk Assessment methodology, policies, and standards.
  • Ensure each completed information risk assessment is peer-reviewed and communicated to various stakeholders.
  • Develop and enhance security requirements for DevOps environments and collaborate with developers, engineers, and support teams to help implement those requirements in applications, CI/CD pipelines, container workloads, etc.
  • Provide training and advise key stakeholders on requirements, processes, standards, and best practices around information security and risk management.
  • Respond to audits, second line of defense review, regulatory reviews, risk and control self-assessments.
  • Lead and facilitate cross-functional discussions to resolve information risk concerns, ensuring alignment with company standards across technology, business, and risk stakeholders.
  • Provide ad-hoc support for ServiceNow (SNOW) request handling, including reviewing and approving firewall and security group requests when required.
  • Track and manage identified information risk issues and associated corrective action plans (CAPs), ensuring timely resolution and closure in alignment with governance requirements.

Requirements

  • Experience in application security including secure software assessment tools like SAST, DAST, SCA, IAST, RASP, etc. or similar areas.
  • IT risk management experience in areas such as vendor risk management, project risk management, IT audit, or IT controls assessment.
  • Strong Knowledge of security controls, frameworks, regulatory requirements and standards, concepts (e.g. ISO 270XX, MAS, etc.), and industry best practices (e.g. OWASP, CSA, CIS).
  • Post-secondary education in information security, computer science, information technology, software engineering, or equivalent professional education.
  • Strong communication, presentation, time management, and facilitation skills to all levels and audiences.
  • Knowledgeable in AKS, Azure, AI Foundry and GitHub
  • Exceptional attention to detail, ensuring accuracy and completeness in risk documentation and issue tracking.
  • Strong interpersonal and collaboration skills to effectively engage with diverse teams and stakeholders
  • Problem solving, analytical, and innovative mindset.
  • A team player who can also work independently.
  • Amenable to work on a day/mid shift schedule
  • Amenable to work on a hybrid set-up (3x a week onsite)
Benefits
  • flexible work arrangements
  • professional development
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
information risk assessmentapplication securitysecure software assessmentIT risk managementsecurity controlsregulatory requirementsISO 270XXOWASPGitHubCI/CD
Soft Skills
communicationpresentationtime managementfacilitationattention to detailinterpersonal skillscollaborationproblem solvinganalytical mindsetteam player