Manager, Information Risk Assurance and Automated Control Testing

The Manager, IRM Control Assurance Testing (iCAT) supports the execution of IT control testing activities related to information risk management. This role is ideal for candidates with foundational experience in technology risk, cybersecurity, or IT audit who are looking to grow in a dynamic and collaborative environment. The successful candidate will assist in testing IT controls, analyzing risk data, and supporting continuous improvement initiatives under the guidance of senior team members.

Position Responsibilities:

• Assist in performing IT control testing activities across areas such as business continuity, incident management, third-party risk, IT asset inventory, and application security.

• Support control testing efforts to evaluate design and operating effectiveness of key controls.

• Sound knowledge of best practices of various aspects of information risk management

• Collaborate with cross-functional teams to gather data and insights for control testing activities.

• Help document findings and prepare reports for review by senior team members.

• Contribute to the development and automation of control testing processes.

• Participate in planning and scheduling of engagements.

• Maintain awareness of emerging risks and technologies relevant to information risk management.

Required Qualifications:

• Around two (2) to four (4) years of experience in information security, IT audit, risk management, or related fields.

• Bachelor's degree in Computer Science, Information Technology, or a related discipline.

• Basic understanding of cybersecurity concepts and IT infrastructure.

• Strong analytical and problem-solving skills.

• Good communication and report writing abilities.

• Ability to work collaboratively in a team environment.

• Organized and able to manage multiple tasks effectively.

Preferred Qualifications:

• Basic understanding of information security controls, IT infrastructure, technology governance, and cybersecurity tools (e.g., ethical hacking platforms).

• Exposure to tools such as Splunk, Qualys, or similar cybersecurity platforms.

• Experience with data analysis or reporting tools.

• Familiarity with risk and control frameworks (e.g., NIST, ISO, COBIT) is an advantage.

• Certifications such as CompTIA Security+, CEH, CISA, CISM are a plus but are not required.

When you join our team:

• We'll empower you to learn and grow the career you want.

• We'll recognize and support you in a flexible environment where well-being and inclusion are more than just words.

• As part of our global team, we'll support you in shaping the future you want to see.

About Manulife and John Hancock

Manulife Financial Corporation is a leading international financial services provider, helping people make their decisions easier and lives better. To learn more about us, visit

Manulife is an Equal Opportunity Employer

At Manulife/John Hancock, we embrace our diversity. We strive to attract, develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention, advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law.

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process, contact

Working Arrangement