At Manulife, we are changing the way we unlock value and secure the enterprise through technology and we want you to be part of it! We are growing our cybersecurity program with the vision to deliver quality applications using AI that add value to our customers, faster and securely, at scale. The customer is at the focus of everything we do, and millions of end users rely on our products daily. We are building a state-of-the-art cybersecurity program to better protect the firm's critical assets.

​

As a  Lead Security Architect , you'll be responsible for designing, developing, and implementing robust security strategies and solutions to protect Manulife's digital assets from advanced cyber threats. In this  hub-and-spoke model , you will report to the Chief Security Architect and will be the dedicated security architecture lead for a specific business unit, ensuring alignment with the global security framework while addressing the unique needs of the segment. You will play a crucial role in shaping our global security posture and ensuring security is a foundational element of our technology and business initiatives.

Office location: Toronto – Canada (ideal) or Boston – USA.

Work arrangement: Hybrid (3 days in office, 2 days from Home); Remote working option is not available.

Travel Flexibility:   Willingness and ability to travel within Canada and USA to support business operations and stakeholder engagement.

Position Responsibilities:

Architectural Design : Lead the design and development of robust security frameworks, standards, and best practices for global systems, data, and networks. This includes creating reference architectures and implementation patterns for security solutions.

Strategic Planning : Translate business, technology, and threat drivers into practical security roadmaps. You'll ensure our security strategy is aligned with broader organizational goals.

Financial Analysis : Conduct financial evaluations of security technologies, including quantifying purchasing and licensing options, estimating labor costs, and calculating the total cost of ownership (TCO), return on investment (ROI), or payback period.

Project Management : Draft project plans for security service and technology deployments and coordinate with stakeholders across the organization to ensure successful implementation.

Collaboration & Integration : Work closely with various teams across Manulife's business and IT units—including enterprise architecture, development, and risk management—to seamlessly integrate security throughout the entire project lifecycle.

Risk Management : Conduct comprehensive risk assessments to identify vulnerabilities and define necessary controls. Partner with global information risk management teams to prioritize and mitigate risks effectively.

Security Evaluation : Continuously evaluate the security of new and emerging technologies and potential solutions. You will stay ahead of the curve on cybersecurity trends to recommend and implement innovative solutions.

Mentorship & Communication : Act as a security subject matter expert, coaching and mentoring development teams. You will also communicate complex security standards and strategies to both technical staff and senior management with clarity and influence.

AI Security:  Design and implement security frameworks for Machine Learning (ML), Generative AI (GenAI), and Agentic AI systems. Evaluate AI-powered security tools and integrate artificial intelligence capabilities into security operations and threat detection.

Domain-Specific Accountabilities:

Application Security : Assess solution architectures for compliance with security standards, define secure service interfaces, and provide guidance to application security engineers on threat modelling and secure software development methodologies.

Cloud Security : Provide deep expertise in securing multi-cloud computing environments (SaaS, IaaS, PaaS), with a strong focus on platforms like  Microsoft Azure  and  AWS .

Required Qualifications:

To succeed in this role, a candidate must have a strong blend of technical expertise, professional experience, and interpersonal skills.

Education & Certifications :

Bachelor's or master's degree in computer science, information systems, cybersecurity, or a related field.

Relevant industry certifications such as  CISSP (Certified Information Systems Security Professional) or  CCSP (Certified Cloud Security Professional)  are required.

Experience :

At least 10 years of experience specifically in senior information security architecture roles, with demonstrated progression in responsibility and complexity.

Proven experience in the financial services industry, with understanding of regulatory requirements, compliance frameworks, and industry-specific security challenges.

Experience in using architecture methodologies such as  SABSA, Zachman, and/or TOGAF.

Direct, hands-on experience or strong working knowledge of managing security infrastructure—e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM, and log management technology.

Verifiable experience reviewing application code for security vulnerabilities.

Experience securing CI/CD pipelines.

Direct, hands-on experience or a strong working knowledge of vulnerability management tools.

Documented experience and a strong working knowledge of the methodologies to conduct threat-modelling exercises on new applications and services.

Experience designing the deployment of applications and infrastructure into public cloud services.

Direct experience designing IAM technologies and services, including Active Directory, Lightweight Directory Access Protocol (LDAP), and Amazon Web Service (AWS) IAM.

Extensive knowledge of full-stack IT infrastructure, including:

Applications

Databases

Operating systems—Windows, Unix, and Linux

Hypervisors

IP networks—WAN and LAN

Storage networks—Fibre Channel, iSCSI, and NAS

Backup networks and media

Containers/Kubernetes

Soft Skills :

Communication : Excellent verbal and written communication skills are crucial for articulating complex technical concepts and influencing stakeholders at all levels. You must be able to translate complex security matters into business terms that are easily understood by colleagues and senior management.

Problem-Solving : Strong analytical, problem-solving, and decision-making abilities.

Collaboration : The capacity to balance competing priorities and maintain a collaborative and positive attitude.

Travel Flexibility:  Willingness and ability to travel within Canada and USA to support business operations and stakeholder engagement

Preferred Qualifications:

Experience from large complex environment is highly preferred but not a must.

Experience from large financial Org’s is a definite plus but not a must.

When you join our team:

We’ll empower you to learn and grow the career you want.

We’ll recognize and support you in a flexible environment where well-being and inclusion are more than just words.

As part of our global team, we’ll support you in shaping the future you want to see.

Acerca de Manulife y John Hancock

Manulife Financial Corporation es un importante proveedor internacional de servicios financieros que ayuda a las personas a tomar decisiones de una manera más fácil y a vivir mejor. Para obtener más información acerca de nosotros, visite http://www.manulife.com .

Manulife es un empleador que ofrece igualdad de oportunidades

En Manulife/John Hancock, valoramos nuestra diversidad. Nos esforzamos por atraer, formar y retener una fuerza laboral tan diversa como los clientes a los que prestamos servicios, y para fomentar un entorno laboral inclusivo en el que se aprovechen las fortalezas de las culturas y las personas. Estamos comprometidos con la equidad en las contrataciones, la retención de talento, el ascenso y la remuneración, y administramos todas nuestras prácticas y programas sin discriminación por motivos de raza, ascendencia, lugar de origen, color, origen étnico, ciudadanía, religión o creencias religiosas, credo, sexo (incluyendo el embarazo y las afecciones relacionadas con este), orientación sexual, características genéticas, condición de veterano, identidad de género, expresión de género, edad, estado civil, estatus familiar, discapacidad, o cualquier otro aspecto protegido por la ley vigente.

Nuestra prioridad es eliminar las barreras para garantizar la igualdad de acceso al empleo. Un representante de Recursos Humanos trabajará con los solicitantes que requieran una adaptación razonable durante el proceso de solicitud. Toda la información que se haya compartido durante el proceso de solicitud de adaptación se almacenará y utilizará de manera congruente con las leyes y las políticas de Manulife/John Hancock correspondientes. Para solicitar una adaptación razonable en el proceso de solicitud, envíenos un mensaje a recruitment@manulife.com .

Referenced Salary Location

Toronto, Ontario

Modalidades de Trabajo

Híbrido

Salary range is expected to be between

$110,530.00 CAD - $205,270.00 CAD

Si se está postulando para este puesto fuera de la ubicación principal, póngase en contacto con recruitment@manulife.com para conocer el rango salarial de su ubicación. El salario real variará según las condiciones locales del mercado, la geografía y los factores relacionados con el trabajo pertinentes, como conocimiento, habilidades, calificaciones, experiencia y educación/capacitación. Los empleados también tienen la oportunidad de participar en programas de incentivos y obtener una compensación de incentivos vinculada al desempeño comercial e individual.

Manulife ofrece a los empleados aptos una amplia variedad de beneficios personalizables, entre ellos, beneficios de salud, odontológicos, de salud mental, oftalmológicos, por discapacidad a corto y a largo plazo, cobertura de seguro de vida y por muerte accidental y desmembramiento, adopción/subrogación y bienestar, y planes de asistencia al empleado/familiar. También ofrecemos a los empleados admisibles varios planes de ahorro para la jubilación (incluidos planes de pensiones y un plan mundial de propiedad de acciones con contribuciones equivalentes del empleador) y recursos de asesoramiento y educación financiera. Nuestro generoso programa de tiempo libre remunerado en Canadá incluye feriados, vacaciones, días personales y días por enfermedad, y ofrecemos la gama completa de ausencia laboral reglamentaria. Si se está postulando para este puesto en los EE. UU., póngase en contacto con recruitment@manulife.com para obtener más información sobre las disposiciones relativas al tiempo libre remunerado específicas de EE. UU.