• Job Description

  Req#: R-132652

  Individually we are people, but together we are Aviva. Individually these are just words, but together they are our Values – Care, Commitment, Community, and Confidence.

  We are looking for an inquisitive and resourceful AVP, Cybersecurity Risk and Governance who will be responsible for leading all aspects of Aviva Canada’s cybersecurity risk and governance functions. As the leader of the cybersecurity risk and governance function reporting to the CISO, you will embrace the vision and development of Aviva Canada’s strategic cyber risk and governance roadmap which is in your efficient hands. You will ensure that cyber risk at Aviva is managed appropriately and within tolerance defined by the organization. At the same time, you will continue to ensure the day-to-day running of current cybersecurity risk, governance and advisory functions while refining and maturing their operation. Lastly, your ability to take on new tasks outside of the Cyber Risk and Governance areas will ensure that you assist the CISO with key priorities while also expanding your knowledge in a balanced manner and growing your career. Key partners and collaboration partners will include the CIO, CISO, Legal, 2nd Line, Privacy, business units, and the rest of the IT Senior Leadership team.

  You are forward-thinking, collaborative, embrace learning/new technology and are comfortable in a fast-paced environment.

  Does this sound like you?!

  What You’ll Do

  • Proficiently lead and manage team Cybersecurity Risk and Governance professionals working towards the efficient operation and continued maturation of existing cybersecurity risk and governance processes.
  • Develop and craft the overall cybersecurity risk and governance vision for Aviva Canada as the most senior cybersecurity risk and governance subject matter expert within the organization.
  • Align Aviva Canada’s cybersecurity program to the NIST Cybersecurity Framework proficiently. Lead periodic self-assessments against the framework along with independent third party assessments.
  • Enhance and improve Aviva Canada’s Cybersecurity Risk Assessment Process. Ensure that cybersecurity risks are managed collaboratively with the business and decisions are made on a balanced risk-prioritized basis.
  • Build and develop a Third Party Cybersecurity Risk Management Process to continuously assess Aviva Canada’s Third Party from a cybersecurity perspective to lead Aviva Canada’s third party cyber risk.
  • Dedication to develop, improve, contribute to and enhance Aviva Canada’s Security Awareness Training and Phish Test program. Introduce and encourage automation and enhanced reporting to increase efficiency of delivery and interpretation of results.
  • Identify gaps in existing processes and solutions then build and develop remediation plans to address such gaps with the development/re-design of processes or deployment of solutions (eg. tooling, automation, overhaul).
  • Develop, build and refine service metrics, KPIs and KRIs for cybersecurity risk and governance functions.
  • Participate in and grow in other non-risk/governance facets of cybersecurity – Identity and Access Management, Security Operations, Cybersecurity Delivery to assist the CISO supervising a diverse cybersecurity department responsible for running Aviva Canada’s cybersecurity risk.
  • Adopt and deliver using Aviva Canada’s agile-based SDLC.
  • Continue personal professional development as a cybersecurity risk and governance subject-matter expert, including industry training, developing interpersonal relationships with peers in industry, attending conferences, and self-study.
  • Train, coach, and mentor a growing cybersecurity risk and governance teams to efficiently support the requirements of Aviva Canada, and to develop and build the careers of your teams to lead them to bigger and better things.

  What you'll bring

  • Minimum 10 years Cybersecurity/Information Security experience including 7 years in a management role.
  • Preference for a University degree in Computer Engineering/Science or Cybersecurity.
  • Outstanding experience managing or being responsible for a Security Advisory/Assessment team including mentoring, along with previous experience performing cybersecurity risk assessments and risk management activities.
  • Experience utilizing the NIST Cybersecurity Framework to lead an organization’s cybersecurity program.
  • Hands on experience managing Security Awareness and Phish Test campaigns proficiently.
  • Extensive utilization/experience with Governance, Risk and Compliance tools (GRC) tools preferred.
  • Excellent verbal and written communication, interpersonal and collaborative skills, and ability to communicate technical concepts to non-technical audiences in a positive manner.
  • Strong relationship management skills. Ability to understand various partner objectives while driving towards an outcome that appropriately manages Aviva Canada’s cybersecurity risk.
  • Multi-tasking on multiple projects and tasks with contending priorities in a fast-paced environment.
  • Resourceful, sees the benefits of automation and has experience in efficiently automating repetitive work that lends itself to being automated.
  • Experience with cloud environments preferred (AWS, Azure).
  • Outstanding delivery and problem solving skills - the ability to take a problem from start to finish and drive towards the desired outcome.
  • An interest in professional development and to embrace digital/cybersecurity – the resolve, resolution and ability to learn to upskill as required to stay pace with the current cyber threat landscape.

  What you’ll get:

  • Competitive rewards package including base compensation, eligibility for annual bonus, retirement savings, share plan, health benefits, personal wellness, and volunteer opportunities.
  • Exceptional Career Development opportunities.
  • We’ll support your professional development education.

  Additional Information: Aviva Canada has an accommodation process in place to provide accommodations for employees with disabilities. If upon commencement of employment you require a specific accommodation because of a disability, please contact your Talent Acquisition Partner so that an appropriate accommodation can be arranged. This process applies throughout your career with Aviva Canada.

  #LI-KH1

• About the company

  We’re here to protect our 33 million customers from life’s unexpected twists and turns – freeing them from fear of uncertainty. We are one of only a few insurance companies in the world that can provide customers with life, general and health insurance, and asset management in one place – a composite insurer. And we have a unique competitive advantage. Whether we’re protecting them from everyday risks or helping them to save for the future, we put customers at the heart of all we do – creating a bright and sustainable future for our customers, employees and our communities.

Notice