Individually we are people, but together we are Aviva. Individually these are just words, but together they are our Values – Care, Commitment, Community, and Confidence. We are seeking a resourceful and forward-thinking Vulnerability Management Analyst. Your primary role is to operate information security’s vulnerability management program, work with peers in different decision centers to remediate vulnerabilities, present the findings and help others in remediation activities - so strong problem-solving skills are a must. This position is critical to the success of the organization by providing outstanding understanding of attack surface of Aviva’s infrastructure. You will also ensure that appropriate security controls are applied and tested throughout the software development lifecycle. Responsibilities include planning and prioritizing vulnerability scanning activities, and coordinating remediation efforts. The role involves taking ownership of vulnerability management activities like – scanning, triaging, prioritization and streamlining the vulnerability management process with timely remediation. This role will report the maturity of scanning and vulnerability findings to different partners. The role is part of Aviva’s Canada information security operations team. The incumbent will have extensive experience with Information Technology and expert level knowledge of Information Security principles as well as basic project-management skills, with outstanding communications skills. Does this sound like you? What you'll do: Operate information security’s vulnerability management program in an efficient manner, to reduce operational risks. Operate information security’s vulnerability management program to meet program’s SLA’s and KPI’s. Ensure that appropriate security controls are applied and tested throughout the software development lifecycle Work on vulnerability management process with ability to identify, resolve and improve efficiency in operations. Identify gaps and support action plans to strengthen Vulnerability Management control efficiency. Partner with multiple teams across the organization and 3rd party service provider to map, track, monitor and communicate progress on vulnerability remediation activities. Provide technical guidance collaboratively to peers in both IT and information security on vulnerability remediation. Provide the required support to senior management on matters related to vulnerability management program. Anticipate and plan for future risk in meeting vulnerability SLA’s Coordinate and communicate with internal partners across the IT department. Ensure all Vulnerability Management related controls are demonstrable and sustainable on a continuous basis. Ability to adapt in a fast-paced environment. What you'll bring: Bachelor's Degree with a focus on Cybersecurity Financial industry specific background would be an asset. A background in information security operations and threat and vulnerability management Experience At least 3 years’ experience working in an enterprise IT environment Demonstrated ability to establish effective working relationships and collaborative work approaches with both internal and external peers. Active information security certification, such as CISSP, OSCP, etc. Deep technical skills, knowledge of network protocols and network communication principles, understanding of vulnerabilities and remediation techniques. Build procedures and customized scan configurations appropriate for the desired performance and accuracy. Experience reviewing, analyzing, discussing, explaining, and reporting vulnerability scan results Strong interpersonal skills, ability to work on multiple projects simultaneously in controlled matter. Outstanding communications skills including preparing briefings, presentations, and oral status reports Possess strong analytical skills and problem-solving capabilities Experience with Qualys, Tenable or any other vulnerability management solution. What you’ll get: Compelling rewards package including base compensation, eligibility for annual bonus, retirement savings, share plan, health benefits, personal wellness, and volunteer opportunities. Outstanding Career Development opportunities. We’ll support your professional development education. Competitive vacation package with the option to purchase 5 extra days off per year Employee driven programs focused on gender, LGBTQ+, origins, diversity and inclusion Corporate wellness programs to support our employees’ physical and mental health Hybrid flexible work model Please note that we may use AI tools to help us through the recruitment process. This is an existing position which has been posted both internally & externally. Aviva Canada has an accommodation process in place to provide accommodations for employees with disabilities. If upon commencement of employment you require a specific accommodation because of a disability, please contact your Talent Acquisition Partner so that an appropriate accommodation can be arranged. This process applies throughout your career with Aviva Canada. #LI-AI1 #LI-Hybrid We help our 19.5 million customers to save for the future and manage the risks of everyday life. To give these customers the best possible products and service we know we must make Aviva the most attractive choice for talented, entrepreneurial people with diverse backgrounds and an evolving range of expertise and insight. So, we’re passionate about helping our 23,000 people to do the best work of their lives, to enable them to make a positive difference to the lives of our customers.
