Director, John Hancock Cybersecurity Regulatory Compliance Program
3 years ago

Are you looking for a supportive, collaborative workplace with great teams and inspiring leaders? You've come to the right place. We're looking for ambitious people who share our values and want to make every day better for people around the world. If this sounds like you, and the career below sounds exciting, we'd like to hear from you.

Working Arrangement

Hybrid

Job Description

The Opportunity

As Director of the John Hancock Cybersecurity Regulatory Compliance (CRC) Program, you will be a critical part of the Cybersecurity, Resilience & Governance leadership team, reporting directly to the John Hancock Chief Information Security Officer (CISO) as the CRC Program manager. You will be responsible for all cybersecurity regulatory compliance activities carried out for our Life Insurance, Long-Term Care, Annuities, and High Net Worth lines of business. You will also develop and maintain collaborative working relationships with other lines of business and global teams supporting multiple John Hancock legal entities for comprehensive cybersecurity regulatory compliance oversight. You will provide proactive identification and management of compliance issues, support the John Hancock CISO with annual board reporting, and be the primary point of contact for our Legal and Compliance departments on all cybersecurity regulatory compliance matters.

This role offers you the opportunity to lead and influence in a function that continues to grow and mature in our company. You will work closely and regularly with many cross-functional teams including local and global IT and security teams, Distributions, Procurement, Human Resources, Risk, Audit, Privacy, Legal, and Compliance, as well as external parties. You will build and develop your risk and compliance analytical skills and will have regular opportunities to present to and advise executive management across multiple functions locally and globally.

Duties & Responsibilities

  • Develop and deliver on the John Hancock Cybersecurity Regulatory Compliance Program strategy, operating model, and execution plans.

  • Maintain ongoing knowledge and understanding of applicable regulatory and industry requirements and provide subject matter expertise on new and changing laws and regulations.

  • Advise subject matter experts on applicable regulatory and industry requirements, identify compliance issues, and help develop corrective action plans where needed.

  • Collaborate with other Cybersecurity, Resilience & Governance leads to collectively monitor and maintain effective cybersecurity operations and technical controls.

  • Report on cybersecurity regulatory compliance initiatives, posture, and key areas of risk to senior and executive leadership, and provide close support to the CISO on annual board reporting.

  • Lead and manage cybersecurity due diligence for our US distribution partners (agents and producers).

  • Lead and coordinate responses for regulatory exams and inquiries on cybersecurity operations and technical controls.

  • Support other IT and security initiatives as needed.

Technical Qualifications

  • Knowledge of cybersecurity laws and regulations, including HIPAA, SEC/OCIE, OSFI, NYDFS Cybersecurity Regulation and/or other state adoptions of NAIC model laws.

  • Knowledge of industry standards and cybersecurity frameworks, including ISO 27000, NIST, COBIT, COSO, and/or ITIL.

  • Experience conducting risk assessments and/or compliance reviews and applying risk management frameworks aligned with regulatory and industry requirements.

  • Experience responding to regulatory exam and audit requests, including collection, review, and submission of documentation and/or preparing subject matter experts for interviews.

  • Experience providing a service-oriented approach to managing risk and compliance with cross-functional, global, and enterprise-wide teams.

Minimum Requirements

  • 4+ years of audit, risk, legal, and/or compliance experience. Insurance or financial industry and/or IT and information security experience preferred.

  • Bachelor's degree or 4 additional years of related experience. Master's degree or Juris Doctor a plus.

  • Related industry certification (e.g., CRISC, CISSP, CISA) a plus.

  • Strong time management and organizational skills.

  • Strong written and verbal communication skills.

  • Strong working knowledge of Microsoft Office tools. Experience with Archer eGRC a plus.

Every career at Manulife/John Hancock provides the opportunity to learn new skills and move your career forward. Ready to make an impact somewhere? What are you waiting for? Apply today.

About John Hancock and Manulife

John Hancock is a unit of Manulife Financial Corporation, a leading international financial services group that helps people make their decisions easier and lives better. We operate primarily as John Hancock in the United States, and Manulife globally, including Canada, Asia and Europe. We provide financial advice, insurance and wealth and asset management solutions for individuals, groups and institutions. Assets under management and administration by Manulife and its subsidiaries were CAD$1.3 trillion (US$1.1 trillion) as of June 30, 2021. Manulife Financial Corporation trades as MFC on the TSX, NYSE, and PSE, and under 945 on the SEHK. Manulife can be found at manulife.com.

One of the largest life insurers in the United States, John Hancock supports more than 10 million Americans with a broad range of financial products, including life insurance, annuities, investments, 401(k) plans, and education savings plans. Additional information about John Hancock may be found at johnhancock.com.

Manulife is an Equal Opportunity Employer

At Manulife/John Hancock, we embrace our diversity. We strive to attract, develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention, advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law.

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process, contact recruitment@manulife.com.

EEO is the Law | Family & Medical Leave | Employee Polygraph Protection | Right to Work | E-Verify | Pay Transparency





