Are you looking for a supportive and collaborative workplace with great benefits and clear career development You've come to the right place.
Why choose Manulife
- Competitive Salary packages and performance bonuses
- Day 1 HMO + FREE coverage for your dependents (inclusive of same-sex partners)
- Retirement savings benefit
- Rewarding culture that values wellness and well-being
- Performance Bonus
- Global network of industry experts
- Extensive training resources
Job Description:
We're looking for a Vendor Information Security Analyst to join our Procurement Operations team at MBPS. In this role, you are expected to review independent audit reports (SOC 2, ISO27001 Statement of Applicability, penetration testing reports, vulnerability management reports, etc.) and draft final output/deliverable, including the vendor information risk assessment memos for approval by business owners.
Have the skills and knowledge for the job Learn more about the opening below!
Key Responsibilities:
- Review third-party contracts to help ensure key terms and conditions are included to safeguard Manulife information assets
- Report on the status of vendor risk assessment assignments in weekly team meetings and stand-up meetings with onshore counterparts/stakeholders
- Support IT audits conducted by Audit Services, regulators, clients, and third-party auditors
- Be part of an active team that remains current on emerging risks and technologies, key developments, and strategies for the businesses we support
- Stay informed on emerging technologies, key business drivers, evolving threats, and opportunities
- Perform additional duties as assigned in information security and business continuity management domains
Qualifications:
- University Degree (Computer Science, Business, or Finance preferred, but not required)
- Experience with performing third-party information security risk assessments
- 3-5 years of experience in Technology, Technology Risk and Controls, Technology Audit, Cybersecurity, Application Security, Network Security, Cyber Resiliency, and Third-Party Outsourcing Risk Management within a large enterprise-level environment
- Knowledge of and experience with industry risk frameworks and information security standards (ISO27001, NIST Cybersecurity Framework, PCI DSS, HITRUST, etc.)
- Experience with Archer, Process Unity, or any Vendor Risk Management tool is preferred
Let's make every day better together. Learn about our opportunities at JOBS.MANULIFE.COM
