Associate Director, Data Security and Compliance

Associate Director, Data Security and Compliance

The Asia Data Office (ADO) is a team of data professionals dedicated to enabling data as a strategic asset to drive business outcomes across Asia and the broader Asia segment. The team comprises Data Analysts, Architects, Engineers, and Business Intelligence professionals focused on delivering high-quality, accessible data for use cases spanning Business Intelligence, Digital Applications, and Advanced Analytics.

We are seeking a highly skilled and experienced Associate Director, Data Security and Compliance to spearhead the development and enforcement of access management frameworks and data risk policies across multiple data lakes in Asia, while ensuring alignment with global standards. This role is critical in maintaining regulatory compliance across ten markets and managing key data risks within the Asia Data Office.
 

Position Responsibilities:

Access Management

• Framework Development: Design, implement, and maintain robust access management frameworks and policies to ensure secure and efficient data access across Asia’s data lakes.

• Policy Integration: Collaborate with global teams to align regional access policies with global standards.

• Access Controls: Regularly monitor and audit access controls to ensure compliance with internal policies and security protocols.

• User Access Management: Oversee role-based access provisioning, ensuring appropriate access levels based on responsibilities.

• Technology Enablement: Partner with IT and architecture teams to implement tools and technologies that support access governance.

Data Governance

• Governance Oversight: Ensure effective governance of data access, maintaining data integrity, security, and availability.

• Quality Initiatives: Lead efforts to standardize and harmonize data access processes across the region.

• Policy Enforcement: Ensure adherence to data governance policies by all stakeholders.

Regulatory Compliance

• Compliance Monitoring: Track and ensure compliance with data access regulations across ten markets, adapting policies as needed.

• Regulatory Liaison: Work closely with legal and compliance teams to meet local and international regulatory requirements.

• Documentation: Maintain clear and comprehensive documentation of access policies and procedures.

Data Risk Management

• Risk Identification & Mitigation: Identify, assess, and mitigate data privacy and security risks. Lead Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs).

• Risk Execution: Own and execute Information Risk Assessments (IRAs) for the Asia Data Office.

• Audit & Compliance: Conduct regular audits to ensure ongoing compliance with privacy and security laws. Implement corrective actions as necessary.

• Incident Response: Lead response efforts for data breach incidents, including investigation, reporting, and remediation.

• Reporting: Provide regular updates on data risk status and mitigation strategies to the Asia Chief Data Officer and senior leadership.

• Training & Awareness: Develop and deliver training programs to promote a culture of privacy and data security awareness.

Coordination & Collaboration

• Cross-Functional Engagement: Collaborate with IT, legal, compliance, architecture, engineering, and business teams to ensure cohesive access management.

• Culture Building: Promote data stewardship and accountability across the organization.

• Solution Design: Work closely with solution and data architects to design access management solutions aligned with business and regulatory needs.

Required Qualifications:

• Bachelor’s or Master’s degree in Information Technology, Data Science, Business Administration, or a related field.
• 8–10 years of experience in access management, data governance, or risk management.

• Experience in a multinational organization with a focus on Asia.

• Professional certifications such as CIPP, CRISC, or CDMP.
• Strong knowledge of access frameworks, governance policies, and regulatory compliance.
• Proficiency in technologies such as SQL, Oracle RDBMS, Microsoft Synapse, Azure Data Lake Storage (ADLS), Azure Data Factory, Cosmos DB, and Databricks.
• Foundational understanding of emerging technologies like Generative AI and OpenAI.
• Demonstrated experience in managing data risks and implementing mitigation strategies.
• Excellent leadership, communication, and stakeholder management skills.
• Ability to thrive in a fast-paced, dynamic environment with multiple priorities.

When you join our team:

• We’ll empower you to learn and grow the career you want.

• We’ll recognize and support you in a flexible environment where well-being and inclusion are more than just words.

• As part of our global team, we’ll support you in shaping the future you want to see.

About Manulife and John Hancock

Manulife Financial Corporation is a leading international financial services provider, helping people make their decisions easier and lives better. To learn more about us, visit https://www.manulife.com/en/about/our-story.html.

Manulife is an Equal Opportunity Employer

At Manulife/John Hancock, we embrace our diversity. We strive to attract, develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention, advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law.

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process, contact recruitment@manulife.com.

Working Arrangement