• Job Description

  Req#: R-162277

  Individually we are people, but together we are Aviva. Individually these are just words, but together they are our Values – Care, Commitment, Community, and Confidence.

  We are looking for an experienced Cybersecurity Governance Analyst to join our team. You will play a vital role in supporting our Cybersecurity Program and lead activities related to governance and compliance of Aviva Canada’s Cybersecurity program. You will collaborate and maintain effective relationships with stakeholders in Risk & Compliance, Privacy, IT, Business and Operations.

  You are comfortable in a forward-thinking and fast-paced environment.

  What you’ll do

  • Be the subject matter expert at a high level and respond to client/regulatory requests regarding Aviva’s Cybersecurity program.

  • Develop and enhance Key Risk Indicators and Key Performance Indicators in support of cybersecurity risk management initiatives and executive reporting.

  • Perform annual cybersecurity controls reviews and manage issues and actions for the Cybersecurity department.

  • Perform periodic NIST CSF self-assessments and support the development and implementation of remediation activities to resolve control deficiencies.

  • Support compliance with industry frameworks and standards such as PCI-DSS and ISO27001.

  • Work with the security education team to facilitate the execution and reporting for the phishing program and manage security awareness training assignments for our colleagues.

  • Generate and review content regularly for our Security Education and Awareness program. Coordinate and lead cybersecurity awareness campaigns.

  • Review and update Security Policies annually, as well as draft new policies and standards where required.

  • Manage Aviva’s GRC solution overall and implement enhancements for Cybersecurity Governance workflow.

  • Ensure timely completion of assigned tasks and reporting schedules.

  • Promote effective security practices, technologies, and processes with stakeholder groups.

  • Address requests from IT and business users on security related matters and take ownership of the same to conclusion and satisfaction.

  What you’ll bring

  • 3-5 years of experience in cybersecurity governance programs and processes, risk management and reporting.

  • Good knowledge of cybersecurity and technology concepts.

  • Knowledge and practical experience in applying security standards and frameworks (e.g. NIST, ISF, ISO, PCI DSS).

  • Strong written and verbal communication skills; ability to communicate cybersecurity and risk-related concepts to technical and non-technical audiences at various levels.

  • Demonstrated ability to establish effective working relationships and collaborative work approaches with both internal and external contacts.

  • Strong attention to detail and problem-solving skills.

  • Experience with using GRC platforms and data platforms (e.g. Archer, IBM OpenPages, Qlik)

  • Good understanding of the insurance or banking industries.

  • University degree or college diploma in Computer Science, Information Security Management, Cybersecurity Risk Management, or equivalent professional experience within Cybersecurity

  • Professional designation relating to cybersecurity or IT risk (e.g. CISSP, CISA, CISM, CCSP/CCSK, GIAC, CompTIA Security+) is an asset.

  What you’ll get

  • The salary band for this position ranges from $60000 to $100,000. Please note that individual salary is determined by factors such as job-related knowledge, skills and experience, as well as internal equity.

  • Compelling rewards package including base compensation, eligibility for annual bonus, retirement savings, share plan, health benefits, personal wellness, and volunteer opportunities.

  • Outstanding Career Development opportunities.

  • We’ll support your professional development education.

  • Competitive vacation package with the option to purchase 5 extra days off per year.

  • Employee driven programs focused on gender, LGBTQ+, origins, diversity, and inclusion.

  • Corporate wellness programs to support our employees’ physical and mental health.

  • Hybrid flexible work model.

  This job advertisement is for an existing vacancy which has been posted both internally & externally.

  Aviva Canada may use AI (Artificial Intelligence) tools to assist us throughout the recruitment process to screen, assess or select applicants for a position.

  Aviva Canada welcomes applications from all qualified individuals and has a process in place to provide accommodations for persons with disabilities at all stages of the hiring process and during employment. If you require an accommodation during the interview or hiring process, please contact your Aviva Talent Acquisition Partner so that an appropriate accommodation can be arranged.

  #LI-PS1
  #LI-Hybrid

• About the company

  We’re here to protect our 33 million customers from life’s unexpected twists and turns – freeing them from fear of uncertainty. We are one of only a few insurance companies in the world that can provide customers with life, general and health insurance, and asset management in one place – a composite insurer. And we have a unique competitive advantage. Whether we’re protecting them from everyday risks or helping them to save for the future, we put customers at the heart of all we do – creating a bright and sustainable future for our customers, employees and our communities.

Notice