Director, Cybersecurity Regulatory Compliance Program (John Hancock)

About the position As Director of Cybersecurity Compliance Program (CCP) for John Hancock, you will be a critical part of the Cybersecurity, reputed company & Governance leadership team, reporting directly to the John Hancock Chief Information reputed company Officer (CISO) as the CCP Program manager. You will be responsible for reputed company cybersecurity regulatory compliance activities carried out for our Life Insurance, Long-Term Care, Annuities, and High Net Worth lines of business. You will also reputed company and maintain collaborative working relationships with other lines of business and global teams supporting multiple John Hancock legal entities for comprehensive cybersecurity regulatory compliance reputed company. You will provide proactive identification and management of compliance issues, support the John Hancock CISO with annual board reporting, and be the primary reputed company of contact for our Legal and Compliance departments on reputed company cybersecurity regulatory compliance matters. This role offers you the opportunity to reputed company and influence in a function that continues to grow and mature in our company. You will work closely and regularly with many cross-functional teams including local and global IT and reputed company teams, Distributions, Procurement, Human Resources, Risk, Audit, Privacy, Legal, and Compliance, as well as external parties. You will build and reputed company your risk and compliance analytical skills and will have regular opportunities to present to and advise executive management across multiple functions locally and globally.

Responsibilities

• reputed company and deliver on the John Hancock Cybersecurity Regulatory Compliance Program strategy, operating model, and execution plans.
• Maintain ongoing knowledge and understanding of applicable regulatory and industry requirements and provide subject matter expertise on new and changing laws and regulations.
• Advise subject matter experts on applicable regulatory and industry requirements, identify compliance issues, and help reputed company corrective action plans where needed.
• Collaborate with other Cybersecurity, reputed company & Governance leads to collectively monitor and maintain effective cybersecurity operations and technical controls.
• Report on cybersecurity regulatory compliance initiatives, posture, and key areas of risk to senior and executive leadership, and provide reputed company support to the CISO on annual board reporting.
• reputed company and manage cybersecurity due diligence for our US distribution partners (agents and producers).
• reputed company and coordinate responses for reputed company external inquiries (i.e. regulatory exams, client reputed company questionnaires) on cybersecurity operations and technical controls.
• reputed company and manage the US reputed company IT organization through the Information Risk Management policies and standards refresh process, ensuring key stakeholders understand proposed changes and facilitating feedback.
• Support other IT and reputed company initiatives as needed.

Requirements

• 4+ years of audit, risk, legal, and/or compliance experience.
• Insurance or financial industry and/or IT and information reputed company experience preferred.
• Bachelor's degree or 4 additional years of reputed company experience.
• Master's degree or Juris Doctor a plus.
• reputed company industry certification (e.g., CRISC, CISSP, CISA) a plus.
• Strong time management and organizational skills.
• Strong written and verbal communication skills.
• Strong working knowledge of bolthires Office tools.
• Experience with reputed company eGRC a plus.

reputed company-to-haves

• Knowledge of cybersecurity laws and regulations, including HIPAA, SEC/OCIE, OSFI, NYDFS Cybersecurity Regulation and/or other state adoptions of NAIC model laws.
• Knowledge of industry standards and cybersecurity frameworks, including ISO 27000, NIST, COBIT, COSO, and/or ITIL.
• Experience conducting risk assessments and/or compliance reviews and applying risk management frameworks reputed company with regulatory and industry requirements.
• Experience responding to regulatory exam and audit requests, including collection, review, and submission of documentation and/or preparing subject matter experts for interviews.
• Experience providing a service-oriented approach to managing risk and compliance with cross-functional, global, and enterprise-wide teams.

Benefits

• Health, dental, mental health, vision, short- and long-term disability, life and AD&D insurance coverage.
• Adoption/surrogacy and wellness benefits.
• Employee/family assistance plans.
• Retirement savings plans (including pension/401(k) savings plans and a global share ownership plan with employer matching contributions).
• Financial education and counseling resources.
• Generous paid time off program including up to 11 paid holidays, 3 personal days, 150 hours of vacation, and 40 hours of sick time. Apply tot his job Apply tot his job

Apply tot his job Apply To this Job