IT Control Analyst, GRC

We're looking for an IT Controls Analyst, GRC to join our ETS Control and Governance team at MBPS. In this role, you are expected to define and maintain a standard access model for cloud resources, review and approve access requests every day within the committed SLA. You will enhance existing automation to make the review and approval task more efficient. Furthermore, you will drive remediation of deviations from the standard access model.

Position Responsibilities:

• Define and communicate the standard access model for various access level to resources in the Public Cloud service.
• Own the intake channels including SNOW Process and IaC Pipelines.
• Manage access authorization for public cloud resources.
• Perform access review and approval on a daily basis with the committed SLAs.
• Develop/enhance automation for intake, review, and implementation.
• Monitor assignment of privileged roles on a daily basis.
• Discover and remediate deviations from approved access model in the existing environment.
• Maintain an exception process and tracks temporary elevation of privileges.

Required Qualifications:

• University/College graduate with 2 – 4 years of progressive experience related to identity and access management, cloud security
• Proven security mindset, Knowledge and understanding of any industry standard Access Management Framework, Principal of Least Privileged Access, Just-in-Time Access, RBAC and ABAC etc.
• Possess "automation-first" mindset. Writes automation(s) to streamline common tasks, tests, and workflows.

• Knowledge of following cloud platforms and Devop tools: Azure, Terraform, Github, GitHub Actions, Python, JIRA, Confluence

• Amenable to work in UP Ayala Technohub (Quezon City)

• Amenable to work in a hybrid set-up (3x a week onsite)
• Amenable to work in a fixed NIGHT shift schedule

Preferred Qualifications:

• Self-driven, able to meet objectives with a minimal amount of managerial oversight/supervision.
• A team player who can interact with various internal functions such as business unit security officers, security engineers, reliability engineers, DevOps engineers.
• Advocate constant learning from both success and failure, and encourages openness to change and continuous improvement
• Proficient in English, both verbal and written

When you join our team:

• We'll empower you to learn and grow the career you want.
• We'll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
• As part of our global team, we'll support you in shaping the future you want to see.

About Manulife and John Hancock

Manulife Financial Corporation is a leading international financial services provider, helping people make their decisions easier and lives better. To learn more about us, visit .

Manulife is an Equal Opportunity Employer

At Manulife/John Hancock, we embrace our diversity. We strive to attract, develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention, advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law.

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process, contact .

Working Arrangement

Hybrid