Your Opportunity

• We are looking for an experienced and highly motivated Manager Application Security to join Manulife’s Global Wealth and Asset Management Application Security team. The role will push forward GWAMs Cross-Enterprise application security vision by creating guidance and mechanisms that enable the company to think firm-wide when considering capabilities development. You'll work closely with business, product, and technology partners to translate long-term objectives into designs that fuel firm-wide reuse and convergence.

• As a Manager Application Security you will work closely with our GWAM IT Risk and Cybersecurity teams in improving the maturity of the practices within third-party and originally developed software solutions.

• Our Manulife / John Hancock family is going through an exciting, yet challenging metamorphosis. We are transforming from a wise 130-year-old company into an agile 130-year-young company. This is a journey, and to quote T.S. Elliot; “The journey, Not the destination matters...”. On this journey, we expect all to bring their knowledge, skills and experience as a team and, when we don’t know, we will learn.

• Within the Manulife family, our team is within Global Wealth and Asset Management and as a division we believe the truth is in the numbers. We believe it’s time to change the investment game. To do it differently by focusing on the value we bring our clients, rather than on the usual topics of performance and fees. We have just surpassed $1 trillion in assets under management with a diverse range of both public and private asset classes. Our division is global and have operations in North America, Asia and Europe and we serve a diverse range of clients from our own on-balance general account assets to institutional, retail and wealth.

• The right individual will be a proactive, self-starter that enjoys and thrives when connecting people and technology to solve sophisticated problems at-scale. You will analyze, model, and develop sophisticated and high-level architecture plans that require the integration of multiple technologies and coordination of functional areas across the organization. If you have a passion and skill for long-term end-to-end thinking balanced with crafting architecture increments that enable value for customers now, this opportunity is for you!

• The Application Security team within the Enterprise Architecture and Risk organization is responsible for defining the application security building blocks and capabilities to embed cross-enterprise application security and optimize how security integrated into the SDLC. We are an organization that values diverse and big thinking, rewards both behaviors and delivery, and focuses on growth and continuous improvement – all in support of Manulife’s mission to help clients and one another succeed. This role is a unique opportunity to join a team and company at the beginning of a multi-year platform transformation whose work will have direct impact on company direction, our customers, and our industry.

What you’re good at

• Collaborating with Product, Risk, Cyber and Technology teams to craft secure application security programs and patterns that enables business and technology vision.

• Understand sophisticated modern and legacy integrations and business information models to ensure integrity and a strong security profile

• Enterprise security and specifically developing large enterprise solutions with respect to developing security controls, methods to mitigate security risks

• Designing for both functional and non-functional qualities, including availability, resiliency, security, privacy, etc.

• Assisting the business in the scoping and planning of upcoming initiatives and roadmap items

• Implementing application security practice including threat modeling, risk assessment, application security to ensure the non-functional requirements are identified, and controls/requirements are required to mitigate these risks.

• Reviewing, advising, and providing feedback on security within and outside the team

• Developing reference implementation patterns related to security solutions.

• Helping to develop new and revising security governance (secure design reviews) processes to ensure alignment of a diverse set of technology projects with the enterprise target state vision.

• Connecting your business and technical insights to develop innovative proposals for evolving Manulife’s platforms, introducing new products or capabilities, or improving processes that benefit the firm or its customers.

What you have

• 5+ years Application Security Engineer experience

• Ability to analyze the information flow and recommend appropriate technology to support the business process.

• Experience enabling and actively guiding others on application security tools including Static Analysis (SAST), Dynamic Analysis (DAST), OSS (Open-source vulnerabilities).

• Experience in reviewing security design of business applications and proposing countermeasure to address risk

• Experience in providing application security support to developers.

• Experience with Dev Sec Ops and securing different CD/CI pipelines using different types of security tools.

• Experience and knowledge of security functions (AuthN, AuthZ, Transport Security, Secure Configuration, Data validation/sanitizations,security exceptions logging).

• Hands-on experience in application and system penetration testing and code reviewing.

• Experience with Threat modeling, secure development lifecycle and secure testing methodologies

• Knowledge of Vault capabilities and Security Incident and Event management systems

• Ability to evaluate new technologies and know the latest industry trends.

• Good judgment and the ability to handle high pressure situations.

• Knowledge of the enterprise security space: languages, frameworks (e.g. OWASP Top 10, NIST CSF), techniques, and industry trends.

• Ability (and preference) to work in an Agile environment.

• Refined presentation and communication skills and expertise interfacing and communicating effectively with both engineers and executives.

• Security Certification preferred (CISSP, CISM, OSCP, etc.)

What can we offer you?

• A competitive salary and benefits packages.

• A growth trajectory that extends upward and outward, encouraging you to follow your passions and learn new skills.

• A focus on growing your career path with us.

• Flexible work policies and strong work-life balance.

• Professional development and leadership opportunities.

Our commitment to you

• Values-first cultureWe lead with our Values every day and bring them to life together.

• Boundless opportunityWe create opportunities to learn and grow at every stage of your career.

• Continuous innovationWe invite you to help redefine the future of financial services.

• Delivering the promise of Diversity, Equity and InclusionWe foster an inclusive workplace where everyone thrives.

• Championing Corporate CitizenshipWe build a business that benefits all customers and has a positive social and environmental impact.

About Manulife and John Hancock

Manulife Financial Corporation is a leading international financial services provider, helping people make their decisions easier and lives better. To learn more about us, visit .

Manulife is an Equal Opportunity Employer

At Manulife/John Hancock, we embrace our diversity. We strive to attract, develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention, advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law.

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process, contact .

Primary Location

Toronto, Ontario

Working Arrangement

Hybrid

Salary range is expected to be between

$92,190.00 CAD - $171,210.00 CAD

If you are applying for this role outside of the primary location, please contact for the salary range for your location. The actual salary will vary depending on local market conditions, geography and relevant job-related factors such as knowledge, skills, qualifications, experience, and education/training. Employees also have the opportunity to participate in incentive programs and earn incentive compensation tied to business and individual performance.

Manulife offers eligible employees a wide array of customizable benefits, including health, dental, mental health, vision, short- and long-term disability, life and AD&D insurance coverage, adoption/surrogacy and wellness benefits, and employee/family assistance plans. We also offer eligible employees various retirement savings plans (including pension and a global share ownership plan with employer matching contributions) and financial education and counseling resources. Our generous paid time off program in Canada includes holidays, vacation, personal, and sick days, and we offer the full range of statutory leaves of absence. If you are applying for this role in the U.S., please contact for more information about U.S.-specific paid time off provisions.