Senior IT Auditor or Associate Manager

Toronto, Ontario
Boston, Massachusetts
Waterloo, Ontario

Active till:
June 30

Job requisition id

Are you looking for a supportive, collaborative workplace with great teams and inspiring leaders? You’ve come to the right place. We’re looking for ambitious people who share our values and want to make every day better for people around the world. If this sounds like you, and the career below sounds exciting, we’d like to hear from you.

Working Arrangement


Job Description

Manulife’s Internal Audit team is looking for an experienced Senior IT Auditor/Associate Manager for their Technology Infrastructure Security Audit team. The Senior Technology Auditor/Associate Manager will participate in planning, execution and reporting for large, complex assurance reviews of all types (key risk audits, emerging risk reviews, program and project audits), to deliver high quality, professional, cost-effective, value-added and risk-based audits.

The primary responsibility of the role consists of executing audits over areas such as Information Risk Management, Technology Governance, Cybersecurity, Network Security, Identity and Access Management, Data Center Security, Cloud Security, Architecture Reviews, and Business Continuity/Disaster Recovery.  

Key Responsibilities:

  • Understand Information Technology control environment to assess and evaluate the effectiveness and efficiency of internal controls and operating practices;

  • Support multiple simultaneous audit projects to ensure time and quality objectives are met. Timely escalate potential budget over-runs and resourcing concerns to Engagement Lead;

  • Execute audit projects to cover key risks and contribute to production of meaningful audit reports that clearly articulate the position on risks and related issues;

  • Assist in performing assessments of technology processes, tools and technologies new to the company;

  • Assist in the development of agendas, audit objectives and scope, test procedures, and requests lists;

  • Clearly communicate potential issues and evaluate corrective action plans;

  • Assist with various internal team/department initiatives.


  • Strong understanding and experience with testing of IT General Controls;

  • Understanding or working knowledge of cybersecurity concepts such as Security Operations (Vulnerability Management, DLP, SIEM etc.), Security Engineering (Cryptography, Cloud Security, Security Architecture etc.), Identity and Access Management etc.;

  • Understanding or working knowledge of Network and Network Security concepts and tools such as Network Access Controls, Intrusion Detection and Prevention, TACACS/Radius (Central authentication), Network Penetration Testing (e.g. red teaming) etc.;

  • Understanding or working knowledge of information security controls, infrastructure technology, technology governance and assessments, cybersecurity tools (e.g. Qualys), Splunk, Netskope, Zscaler etc.;

  • Working knowledge of other technology infrastructure concepts, processes, and associated risks - such as, Active Directory, Operating System, On-premises Data Center etc.

Education, Experience & Skills:

  • University degree in information systems, or other relevant degree, with 3-5 years of experience in a technology audit/risk management role. CISA, CISSP and/or CISM designation are preferred;

  • Working knowledge or prior experience with information systems and operations used in the insurance industry and financial services industry is preferred;

  • Experience analyzing complex data sets;

  • Ability to quickly comprehend business processes and identify the risk implications, analyze complex situations, reach appropriate conclusions, and make value-added and practical recommendations;

  • Results oriented with a keen focus on quality and delivering value; ability to balance multiple priorities and projects; strong attention to detail while retaining focus on the “big picture” and top risks; flexible and organized with the ability to oversee multiple projects concurrently;

  • Excellent influencing, and negotiation skills; professional presence, and influence across different areas and levels of management both in Audit Services and Technology;

  • Demonstrated ability to work effectively in diverse environments and cultures;

  • Highest level of integrity accompanied by strong ethical principles.

Every career at Manulife/John Hancock provides the opportunity to learn new skills and move your career forward. Ready to make an impact somewhere? What are you waiting for? Apply today.

About John Hancock and Manulife

John Hancock is a unit of Manulife Financial Corporation, a leading international financial services group that helps people make their decisions easier and lives better. We operate primarily as John Hancock in the United States, and Manulife globally, including Canada, Asia and Europe. We provide financial advice, insurance and wealth and asset management solutions for individuals, groups and institutions. Assets under management and administration by Manulife and its subsidiaries were CAD$1.3 trillion (US$1.1 trillion) as of June 30, 2021. Manulife Financial Corporation trades as MFC on the TSX, NYSE, and PSE, and under 945 on the SEHK. Manulife can be found at

One of the largest life insurers in the United States, John Hancock supports more than 10 million Americans with a broad range of financial products, including life insurance, annuities, investments, 401(k) plans, and education savings plans. Additional information about John Hancock may be found at

Manulife is an Equal Opportunity Employer

At Manulife/John Hancock, we embrace our diversity. We strive to attract, develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention, advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law. 

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application processAll information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process, contact