Lead AI & TPRM Security Assessor

As a Lead AI & Third-Party Risk (TPRM) Security Assessor within Global Cybersecurity Services, you will play a key role in strengthening the organization’s security posture as we expand the use of AI-enabled solutions and third-party technologies. You will lead the security assessment of AI products, AI-bearing vendors, and enterprise technologies—ensuring risks are identified, evaluated, and managed in alignment with regulatory expectations and business objectives. This includes addressing emerging threats such as AI-driven attacks, agentic risks, and supply chain vulnerabilities. This role combines deep technical expertise with strategic influence. You will define and evolve modern assessment practices, partner across functions, and provide trusted guidance on complex risk decisions. The ideal candidate is curious, forward-thinking, and thrives in a fast-evolving technology and threat landscape. Your responsibilities will include Lead and approve security assessments for AI-enabled products, AI-bearing vendors, and third-party technologies Act as the escalation point and named reviewer for high-risk and AI-related engagements Define and continuously improve AI-focused assessment frameworks, including controls, evidence standards, and scoring models Drive automation of assessment processes to improve efficiency, scalability, and turnaround time Partner with TPRM, Procurement, Legal, Privacy, and Architecture teams to embed security into vendor selection and lifecycle processes Provide expert advice on regulatory, legal, and third-party risk implications during solution design and vendor selection Maintain audit-ready documentation and support regulatory compliance (e.g., OSFI B-13) Produce risk reporting and insights for cybersecurity leadership Monitor emerging AI threats and regulatory developments and integrate them into assessment practices Mentor junior team members and support capability development Key Requirements 8+ years of experience in information security, including third-party risk or security assessments Strong expertise in vendor/product security assessments and control evaluation Experience assessing cloud, SaaS, and AI/ML vendor environments Understanding of AI-related risks (e.g., data exposure, prompt injection, model vulnerabilities) Familiarity with security frameworks and regulations (e.g., OSFI, NIST, ISO) Strong stakeholder management and communication skills Ability to lead complex initiatives and influence risk-based decisions Additional Assets Experience with assessment automation or GRC tools Knowledge of AI governance and emerging regulatory frameworks Relevant certifications (CISSP, CISM, CISA, or similar) Experience in financial services or regulated environments This is a fully remote role based in Ontario. The role being advertised is an existing vacancy. About Manulife and John Hancock Manulife Financial Corporation is a leading international financial services provider, helping people make their decisions easier and lives better. To learn more about us, visit https://www.manulife.com/en/about/our-story.html. Manulife is an Equal Opportunity Employer At Manulife/John Hancock, we embrace our diversity. We strive to attract, develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention, advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law. It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process, contact [email protected]. Referenced Salary Location CAN, Ontario - Full Time Remote Working Arrangement Remote Salary range is expected to be between $113,260.00 CAD - $210,340.00 CAD Employees also have the opportunity to participate in incentive programs and earn incentive compensation tied to business and individual performance. The actual salary will vary depending on local market conditions, geography and relevant job-related factors such as knowledge, skills, qualifications, experience, and education/training. If you are applying for this role outside of the primary location, please contact [email protected] for the salary range for your location. Manulife offers eligible employees a wide array of customizable benefits, including health, dental, mental health, vision, short- and long-term disability, life and AD&D insurance coverage, adoption/surrogacy and wellness benefits, and employee/family assistance plans. We also offer eligible employees various retirement savings plans (including pension and a global share ownership plan with employer matching contributions) and financial education and counseling resources. Our generous paid time off program in Canada includes holidays, vacation, personal, and sick days, and we offer the full range of statutory leaves of absence. If you are applying for this role in the U.S., please contact [email protected] for more information about U.S.-specific paid time off provisions. We use data and analytics technologies, such as artificial intelligence (AI), and automated processing tools, to analyze and process the information you provide to us or third parties in the application process. For more information, please refer to our personal information collection statement. Apply To This Job