Cybersecurity Governance Analyst

Individually we are people, but together we are Aviva. Individually these are just words, but together they are our Values – Care, Commitment, Community, and Confidence.

We are looking for an experienced Cybersecurity Governance Analyst to join our team. You will play a vital role in supporting our Cybersecurity Program and lead activities related to governance and compliance of Aviva Canada’s Cybersecurity program. You will work closely with collaborators in Risk & Compliance, Privacy, IT, Business and Operations to nurture positive relationships.

You are comfortable in a forward-thinking and fast paced environment.

What You’ll Do

• Be a domain expert at a high level and respond to client/regulatory requests regarding Aviva’s Cybersecurity program.
• Develop and enhance Key Risk Indicators and Key Performance Indicators in support of cybersecurity risk management initiatives and executive reporting.
• Perform annual cybersecurity controls reviews and manage issues and actions for the Cybersecurity department.
• Perform periodic NIST CSF self-assessments and support the development and implementation of remediation activities to resolve control deficiencies.
• Support compliance with industry frameworks and standards such as PCI-DSS and ISO27001.
• Work with the security education team to facilitate the execution and reporting for the phishing program and manage security awareness training assignments for our colleagues.
• Generate and review content regularly for our Security Education and Awareness program. Coordinate and lead cybersecurity awareness campaigns.
• Review and update Security Policies annually, as well as draft new policies and standards where required.
• Manage Aviva’s GRC solution overall and implement enhancements for Cybersecurity Governance workflow.
• Ensure timely completion of work you're leading and reporting schedules.
• Promote effective security practices, technologies, and processes with partner groups.
• Address requests from IT and business users on security related matters and take ownership of the same to conclusion and satisfaction.
  
  

What You’ll Bring

• 3-5 years of experience in cybersecurity governance programs and processes, risk management and reporting.
• Good knowledge of cybersecurity and technology concepts.
• Knowledge and practical experience in applying security standards and frameworks (e.g. NIST, ISF, ISO, PCI DSS).
• Strong written and verbal communication skills; ability to communicate cybersecurity and risk-related concepts to technical and non-technical audiences at various levels.
• Demonstrated ability to establish effective working relationships and collaborative work approaches with both internal and external contacts.
• Attention to detail and strong problem-solving skills.
• Experience with using GRC platforms and data platforms (e.g. Archer, IBM OpenPages, Qlik)
• Good understanding of the insurance or banking industries.
• University degree or college diploma in Computer Science, Information Security Management, Cybersecurity Risk Management, or equivalent professional experience within Cybersecurity
• Professional designation relating to cybersecurity or IT risk (e.g. CISSP, CISA, CISM, CCSP/CCSK, GIAC, CompTIA Security+) is an asset.
  
  

What You’ll Get

• Compelling rewards package including base compensation, eligibility for annual bonus, retirement savings, share plan, health benefits, personal wellness, and volunteer opportunities.
• Outstanding Career Development opportunities.
• We’ll support your professional development education.
• Competitive vacation package with the option to purchase 5 extra days off per year.
• Employee driven programs focused on gender, LGBTQ+, origins, diversity, and inclusion.
• Corporate wellness programs to support our employees’ physical and mental health.
• Hybrid flexible work model.
  
  

Please note that we may use AI tools to help us through the recruitment process. This is an existing position which has been posted both internally & externally.

Aviva Canada has an accommodation process in place to provide accommodations for employees with disabilities. If upon commencement of employment you require a specific accommodation because of a disability, please contact your Talent Acquisition Partner so that an appropriate accommodation can be arranged. This process applies throughout your career with Aviva Canada.