Standards Assurance and Risk Monitoring Director
Manulife
The Director, Standards Assurance and Risk Monitoring (SARM) is a broadly scoped and highly leveraged leadership role that combines strategic oversight with hands-on execution of risk assurance activities. The role requires a strong risk assurance mindset, deep expertise in control testing, and the ability to lead both control-based and scenario-based engagements to assess the effectiveness of risk management practices across the organization.
Reporting to the AVP, Global Information Risk Assurance Program, the incumbent is responsible for executing objective, risk-based assurance within the 2nd line of defense. This includes assessing the effectiveness of 1st line ownership of end-to-end technology processes and their adherence to established standards. The role provides confidence to senior management, Audit and regulatory bodies that risks are appropriately identified, assessed, and managed.
Assurance activities are conducted using sample-based control testing and scenario-driven testing approaches, evaluating control design, operating effectiveness, and the resilience of processes under plausible risk conditions.
Position Responsibilities:
Leadership & Execution
- Lead and develop a team of assurance professionals, fostering a culture of accountability, quality, and continuous improvement.
- Provide day-to-day direction and oversight to team members, ensuring high-quality delivery aligned to established methodologies and timelines.
- Support annual planning and ongoing evolution of the SARM program.
- Manage multiple concurrent engagements, ensuring delivery against quality, scope, and timeline expectations.
- Partner in the execution of the 2nd line SARM annual assurance and risk monitoring plan, with a balanced focus on control-based and scenario-based testing engagements.
Assurance & Risk Monitoring Activities
- Define and scope assurance activities, including complex scenario-based assessments that simulate real-world risk events and stress control environments.
- Perform assurance across key technology and information risk domains, including:
  - Business Continuity, Disaster Recovery, and Crisis Management
  - Technology Risk Management (e.g., third-party risk, IT asset inventory, incident management, information handling and destruction)
  - Information Security (e.g., vulnerability management, network and application security, cyber incident response, identity and access management, cryptographic safeguards, logging and monitoring, penetration testing, and KRI/KPI validation)
Innovation in Assurance Techniques
- Leverage advanced tools, including Microsoft Copilot and other AI-enabled technologies, to enhance assurance execution, including:
  - Generating risk insights and scenario design
  - Identifying anomalies and patterns in control performance
  - Supporting more dynamic, forward-looking testing approaches
Quality, Reporting & Governance
- Ensure all assurance activities are executed in accordance with Global Information Risk Management (GIRM) methodologies and standards.
- Provide deep subject matter expertise to enhance the quality of observations, findings, and risk insights.
- Socialize findings with stakeholders, driving transparency, alignment, and action.
Stakeholder Management & Influence
- Build and maintain strong relationships with business and technology stakeholders across the organization.
- Provide advisory insights on risk management practices and control improvements.
- Influence key risk decisions through credible, data-driven assurance outcomes.
Qualifications (Experience, Knowledge & Skills)
- Minimum 10 years of experience in Information Security, Technology Risk, or related fields within a large enterprise environment
- Demonstrated experience in control testing, assurance, and/or risk monitoring, including scenario-based assessments
- Strong understanding of 1st and 2nd line of defense models, with prior experience in 2nd or 3rd line functions
- Deep knowledge of information risk management frameworks and industry best practices
- Proven leadership experience, including managing and developing teams
- Experience performing assurance across diverse technology and information security domains
- Strong analytical, problem-solving, and critical thinking skills
- Excellent written and verbal communication skills, including the ability to produce executive-ready materials
- Strong stakeholder management and influencing capabilities
- University degree in Computer Science or related discipline preferred
- Knowledge of regulatory environments in the U.S. and Canada
- Professional certifications such as CISSP, CISA, CRISC, or equivalent preferred
Core Competencies
- Strategic thinker with strong execution discipline
- Strong communication, consulting, and influencing skills
- Advanced problem-solving and analytical capabilities
- Ability to translate complex technical risks into business-relevant insights
- Effective stakeholder alignment and relationship-building
- High level of organization and time management to manage multiple priorities
- Collaborative team player with a leadership mindset
When you join our team:
- We’ll empower you to learn and grow the career you want.
- We’ll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
- As part of our global team, we’ll support you in shaping the future you want to see.
About Manulife and John Hancock
Manulife Financial Corporation is a leading international financial services provider, helping people make their decisions easier and lives better. To learn more about us, visit https://www.manulife.com/en/about/our-story.html.
Manulife is an Equal Opportunity Employer
At Manulife/John Hancock, we embrace our diversity. We strive to attract, develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention, advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law.
It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process, contact [email protected].
Working Arrangement
Hybrid