Manulife

Information Risk Manager

Manulife

full-time

Posted on:

Location Type: Hybrid

Location: Quezon CityPhilippines

Visit company website

Explore more

AI Apply
Apply

Tech Stack

CloudServiceNow

About the role

  • Provide independent second line challenge of first line risk assessments, controls, and risk decisions.
  • Assess adequacy of technology, data, and operational risk practices against standards and regulatory expectations.
  • Develop clear, evidence‑based second line risk opinions and escalate material issues with recommendations.
  • Perform deep‑dive RCSA reviews and challenge risk ratings, control assertions, and completeness of assessments.
  • Identify underassessed risks, weak controls, and cross‑assessment inconsistencies.
  • Challenge vendor due diligence, inherent risk scoring, and oversight adequacy for cloud, SaaS, and critical providers.
  • Review major technology initiatives and platform changes for risk impacts and sufficiency of mitigation plans.
  • Evaluate risks associated with architecture changes, new solutions, and implementation activities.
  • Review incidents, classifications, RCA quality, and recurrence prevention measures.
  • Assess and challenge risk acceptances and corrective action plans for feasibility and urgency.
  • Validate CAP closure evidence as part of second line review.
  • Review business continuity plans, DR test results, and resilience capabilities, challenging gaps and assumptions.
  • Analyze enterprise risk data to identify systemic issues, trends, and emerging risks.
  • Use Generative/Agentic AI and automation tools to enhance oversight efficiency and thematic analysis.
  • Communicate challenge outcomes clearly, advise stakeholders, and represent second line in risk discussions and governance forums.​

Requirements

  • 6–10+ years of experience in Information Risk, Technology Risk, Cyber Risk, GRC, or Operational Risk.
  • Experience performing independent second‑line oversight or audit-style review activities.
  • Strong understanding of technology, data, cloud, infrastructure, and operational resilience risks.
  • Ability to evaluate complex risk scenarios and form well‑supported second‑line opinions.
  • Experience with risk programs (RCSA, third‑party risk, issues, incidents, BC/DR, change risk).
  • Familiarity with GRC platforms such as Archer, ServiceNow, or Fusion.
  • Knowledge of regulatory frameworks and standards (ISO, NIST, COBIT, CSA/CCM, OSFI, etc.).
  • Exposure to Generative AI, Agentic AI, automation tools, or continuous monitoring technologies.
Benefits
  • We’ll empower you to learn and grow the career you want.
  • We’ll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
  • As part of our global team, we’ll support you in shaping the future you want to see.
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
Information RiskTechnology RiskCyber RiskOperational RiskRCSAthird-party riskbusiness continuitydisaster recoveryrisk assessmentrisk management
Soft Skills
independent oversightanalytical skillscommunicationstakeholder engagementproblem-solvingdecision-makingcritical thinkingchallenge assessmentrecommendation formulationgovernance representation