Individually we are people, but together we are Aviva. Individually these are just words, but together they are our Values – Care, Commitment, Community, and Confidence.
We are looking for an experienced Cybersecurity Governance Analyst to join our team. You will play a vital role in supporting our Cybersecurity Program and lead activities related to governance and compliance of Aviva Canada’s Cybersecurity program. You will work closely with collaborators in Risk & Compliance, Privacy, IT, Business and Operations to nurture positive relationships.
You are comfortable in a forward-thinking and fast paced environment.
What You’ll Do
- Be a domain expert at a high level and respond to client/regulatory requests regarding Aviva’s Cybersecurity program.
- Develop and enhance Key Risk Indicators and Key Performance Indicators in support of cybersecurity risk management initiatives and executive reporting.
- Perform annual cybersecurity controls reviews and manage issues and actions for the Cybersecurity department.
- Perform periodic NIST CSF self-assessments and support the development and implementation of remediation activities to resolve control deficiencies.
- Support compliance with industry frameworks and standards such as PCI-DSS and ISO27001.
- Work with the security education team to facilitate the execution and reporting for the phishing program and manage security awareness training assignments for our colleagues.
- Generate and review content regularly for our Security Education and Awareness program. Coordinate and lead cybersecurity awareness campaigns.
- Review and update Security Policies annually, as well as draft new policies and standards where required.
- Manage Aviva’s GRC solution overall and implement enhancements for Cybersecurity Governance workflow.
- Ensure timely completion of work you're leading and reporting schedules.
- Promote effective security practices, technologies, and processes with partner groups.
- Address requests from IT and business users on security related matters and take ownership of the same to conclusion and satisfaction.
What You’ll Bring
- 3-5 years of experience in cybersecurity governance programs and processes, risk management and reporting.
- Good knowledge of cybersecurity and technology concepts.
- Knowledge and practical experience in applying security standards and frameworks (e.g. NIST, ISF, ISO, PCI DSS).
- Strong written and verbal communication skills; ability to communicate cybersecurity and risk-related concepts to technical and non-technical audiences at various levels.
- Demonstrated ability to establish effective working relationships and collaborative work approaches with both internal and external contacts.
- Attention to detail and strong problem-solving skills.
- Experience with using GRC platforms and data platforms (e.g. Archer, IBM OpenPages, Qlik)
- Good understanding of the insurance or banking industries.
- University degree or college diploma in Computer Science, Information Security Management, Cybersecurity Risk Management, or equivalent professional experience within Cybersecurity
- Professional designation relating to cybersecurity or IT risk (e.g. CISSP, CISA, CISM, CCSP/CCSK, GIAC, CompTIA Security+) is an asset.
What You’ll Get
- Compelling rewards package including base compensation, eligibility for annual bonus, retirement savings, share plan, health benefits, personal wellness, and volunteer opportunities.
- Outstanding Career Development opportunities.
- We’ll support your professional development education.
- Competitive vacation package with the option to purchase 5 extra days off per year.
- Employee driven programs focused on gender, LGBTQ+, origins, diversity, and inclusion.
- Corporate wellness programs to support our employees’ physical and mental health.
- Hybrid flexible work model.
Please note that we may use AI tools to help us through the recruitment process. This is an existing position which has been posted both internally & externally.
Aviva Canada has an accommodation process in place to provide accommodations for employees with disabilities. If upon commencement of employment you require a specific accommodation because of a disability, please contact your Talent Acquisition Partner so that an appropriate accommodation can be arranged. This process applies throughout your career with Aviva Canada.
