Director/Senior Manager, Information Security Management, ETS
Hong Kong, HK

Are you looking for unlimited opportunities to develop and succeed? With work that challenges and makes a difference, within a flexible and supportive environment, we can help our customers achieve their dreams and aspirations.

Job Description

General Description :

The ETS Asia Control Integrity team is the security and compliance team under the ETS Asia Umbrella. The team performs security assessments for new technologies and new projects, in addition to performing an assurance function to ensure ETS comply with company and regulatory security requirements.

The incumbent will be an individual contributor reporting to Director of the team.

The incumbent is accountable to design, implement and monitor security controls for the cloud-based infrastructure, platform and services.

Project and Technology Information Risk Management :

  • Perform ETS project and technology information risk assessments including assessing risks and define controls as well as tracking the implementation of controls.
  • Assessment focus for the incumbent is the cloud-based infrastructure, platform and services

  • Design, document and / or implement BAU security controls applicable to the cloud-based infrastructure, platform and services
  • Evaluate products for implementing security controls in the cloud or on-premises spaces.
  • Develop Infrastructure-as-code to automatically and continuously enforce security controls.
  • Assurance Review

  • Establish security compliance monitoring mechanism to periodically and automatically measure security control operation effectiveness.
  • Provide security metrics for overall security posture reporting.
  • Required Skills / Competencies :

  • Degree holder of computer science or engineering.
  • Possess Information security (CISSP, CISM, SANS) and auditing (CISA) designations.
  • At least 5 years working experience focusing on security architectural design in the DevOps environment.
  • At least 5 years of working experience in the information security areas including network security, AAA, RBAC, encryption, security scanning, hardening, privilege ID management etc.
  • Experience with defining security guardrails in DevOps CI / CD pipelines.
  • Experience with microcontainer architecture and docker containers based applications.
  • Experience with container management tools such as Kubernetes
  • Experience in security scanning tools and security controls in microservices env.
  • Strong experience on automation for security control enforcement and monitoring
  • Ability to manage multiple tasks for multiple stakeholders which will need to be prioritized. Results oriented; ability to balance multiple priorities and projects.
  • Knowledge of control frameworks, risk management practices and regulatory requirements.
  • Well-developed impact and influence skills.
  • Track record of building strong relationships across technology functions.
  • Excellent customer focus and commitment to quality.
  • Knowledge and understanding of the financial industry.
  • Working hours :

  • The incumbent will work in regular office hour most of the time. However, ETS is a global organization. The incumbent is required to work on flexible hours including having meetings with North America in the evenings occasionally.
  • If you are ready to unleash your potential, it’s time to start your career with Manulife / John Hancock.

    About Manulife

    Manulife Financial Corporation is a leading international financial services group that helps people make their decisions easier and lives better.

    We operate primarily as John Hancock in the United States and Manulife elsewhere. We provide financial advice, insurance, as well as wealth and asset management solutions for individuals, groups and institutions.

    At the end of 2018, we had more than 34,000 employees, over 82,000 agents, and thousands of distribution partners, serving almost 28 million customers.

    As of June 30, 2019, we had over $1.1 trillion (US$877 billion) in assets under management and administration, and in the previous 12 months we made $29.

    4 billion in payments to our customers. Our principal operations in Asia, Canada and the United States are where we have served customers for more than 100 years.

    With our global headquarters in Toronto, Canada, we trade as 'MFC' on the Toronto, New York, and the Philippine stock exchanges and under '945' in Hong Kong.


    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    通過點擊“持續”,我允許neuvoo同意處理我的數據並向我發送電子郵件提醒,詳見neuvoo的 隱私政策 。我可以隨時撤回我的同意或退訂。