Senior Security Program Manager
Medtronic
Lead Security Architect – Director-level, Individual Contributor
Manulife
full-time
Posted on:
Location Type: Hybrid
Location: Toronto • Massachusetts • 🇺🇸 United States
Visit company websiteSalary
💰 CA$110,530 - CA$205,270 per year
Job Level
Senior
Tech Stack
AWSAzureCloudCyber SecurityFirewallsKubernetesLinuxUnix
About the role
- Lead the design and development of robust security frameworks, standards, and best practices for global systems, data, and networks; create reference architectures and implementation patterns for security solutions.
- Translate business, technology, and threat drivers into practical security roadmaps aligned with organizational goals.
- Conduct financial evaluations of security technologies, including quantifying purchasing and licensing options, estimating labor costs, and calculating total cost of ownership (TCO), ROI, or payback period.
- Draft project plans for security service and technology deployments and coordinate with stakeholders across the organization to ensure successful implementation.
- Collaborate with enterprise architecture, development, and risk management teams to integrate security throughout the project lifecycle.
- Conduct comprehensive risk assessments to identify vulnerabilities and define necessary controls; partner with global information risk management teams to prioritize and mitigate risks.
- Continuously evaluate the security of new and emerging technologies and recommend/implement innovative solutions.
- Act as a security subject matter expert, coaching and mentoring development teams and communicating complex security standards and strategies to technical staff and senior management.
- Design and implement security frameworks for Machine Learning (ML), Generative AI (GenAI), and Agentic AI systems; evaluate AI-powered security tools and integrate AI capabilities into security operations and threat detection.
- Assess solution architectures for compliance with security standards, define secure service interfaces, provide guidance on threat modelling and secure software development methodologies.
- Provide deep expertise in securing multi-cloud computing environments (SaaS, IaaS, PaaS), with a strong focus on Microsoft Azure and AWS.
Requirements
- Bachelor's or master's degree in computer science, information systems, cybersecurity, or a related field.
- Relevant industry certifications such as CISSP (Certified Information Systems Security Professional) or CCSP (Certified Cloud Security Professional) are required.
- At least 10 years of experience specifically in senior information security architecture roles, with demonstrated progression in responsibility and complexity.
- Proven experience in the financial services industry, with understanding of regulatory requirements, compliance frameworks, and industry-specific security challenges.
- Experience in using architecture methodologies such as SABSA, Zachman, and/or TOGAF.
- Direct, hands-on experience or strong working knowledge of managing security infrastructure—e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM, and log management technology.
- Verifiable experience reviewing application code for security vulnerabilities.
- Experience securing CI/CD pipelines.
- Direct, hands-on experience or a strong working knowledge of vulnerability management tools.
- Documented experience and a strong working knowledge of the methodologies to conduct threat-modelling exercises on new applications and services.
- Experience designing the deployment of applications and infrastructure into public cloud services.
- Direct experience designing IAM technologies and services, including Active Directory, Lightweight Directory Access Protocol (LDAP), and Amazon Web Service (AWS) IAM.
- Extensive knowledge of full-stack IT infrastructure, including applications, databases, Windows/Unix/Linux operating systems, hypervisors, WAN/LAN networking, storage networks (Fibre Channel, iSCSI, NAS), backup networks and media, and Containers/Kubernetes.
- Excellent verbal and written communication skills; strong analytical, problem-solving, and decision-making abilities.
- Willingness and ability to travel within Canada and USA to support business operations and stakeholder engagement.
Benefits
- Manulife offers eligible employees a wide array of customizable benefits, including health, dental, mental health, vision, short- and long-term disability, life and AD&D insurance coverage, adoption/surrogacy and wellness benefits, and employee/family assistance plans.
- Employees have the opportunity to participate in incentive programs and earn incentive compensation tied to business and individual performance.
- Various retirement savings plans (including pension and a global share ownership plan with employer matching contributions) and financial education and counseling resources.
- Generous paid time off program in Canada including holidays, vacation, personal, and sick days, and the full range of statutory leaves of absence.
- Opportunity to participate in a global share ownership plan (stock ownership) with employer matching contributions.
- Hybrid work arrangement (3 days in office, 2 days from Home)
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
security frameworksrisk assessmentsvulnerability managementthreat modellingCI/CD pipelinessecurity infrastructureIAM technologiescloud securityfinancial evaluationssecurity architecture methodologies
Soft skills
communication skillsanalytical abilitiesproblem-solvingdecision-makingcoachingmentoringstakeholder engagementcollaborationleadershiporganizational skills
Certifications
CISSPCCSP
