Current jobs related to AVP, Threat and Vulnerability Management - Toronto - Sun Life Financial
-
Vulnerability & Threat Management Lead
51 seconds ago
Toronto, Canada RBC Full timeA leading financial institution in Toronto is seeking a Senior Manager, Vulnerability & Threat Assessment to lead initiatives in vulnerability management, ensuring the security and resilience of their digital ecosystem. The successful candidate will have over 7 years of experience in cybersecurity, a strong understanding of vulnerability management tools,...
-
AVP, Security Operations
3 days ago
Toronto, Canada Intercast Staffing Full timeWe’re currently looking for an AVP of Security Operations for one of our financial industry clients. In this opportunity, working with the CISO, you would be helping to protect the banks on-prem and cloud infrastructure as they strive to strengthen their security posture. Main responsibilities include:Skills:leading and managing the Security Operations...
-
AVP, Security Operations
3 days ago
Toronto, Canada Intercast Staffing Full timeWe’re currently looking for an AVP of Security Operations for one of our financial industry clients. In this opportunity, working with the CISO, you would be helping to protect the banks on-prem and cloud infrastructure as they strive to strengthen their security posture. Main responsibilities include: Skills: leading and managing the Security Operations...
-
Senior Manager, Vulnerability
2 weeks ago
TORONTO, Canada Royal Bank of Canada Full timeJob Description What is the opportunity? Senior Manager, Vulnerability & Threat Assessment, plays a pivotal role in safeguarding RBC’s digital ecosystem by proactively identifying, prioritizing, and tracking vulnerabilities and emerging threats remediation. This opportunity allows you to lead critical initiatives, such as managing Zero-Day...
-
Analyst III, Security Operations
4 weeks ago
Toronto, Canada Moneris Solutions Corp. Full timeAnalyst III, Security Operations (Vulnerability & Threat Management) page is loaded## Analyst III, Security Operations (Vulnerability & Threat Management)locations: Torontotime type: Full timeposted on: Posted 10 Days Agojob requisition id: JR105401**Security Operations Analyst, Vulnerability and Threat Management****Location:** You will be based in...
-
Hybrid: Vulnerability
3 weeks ago
Toronto, Canada Moneris Solutions Corp. Full timeA leading fintech company in Toronto is seeking a skilled Analyst III for Security Operations focusing on Vulnerability and Threat Management. Responsibilities include organizing penetration tests, managing vulnerability reports, and advising on best practices for security. Ideal candidates will possess a Bachelor's degree in Cybersecurity with over 3 years...
-
Senior Manager, Vulnerability
2 weeks ago
Toronto, Canada Royal Bank of Canada Full timeJob Description What is the opportunity?We are seeking an experienced and driven individual to join our team as a Senior Manager, Vulnerability & Threat Assessment. This role is perfect for someone who is energetic, enthusiastic and curious, with a deep understanding of vulnerability management, risk, controls and compliance frameworks, and exposure...
-
Senior Manager, Vulnerability
5 minutes ago
Toronto, ON MJ J, Canada RBC Full timeJob DescriptionWhat is the opportunity?Senior Manager, Vulnerability & Threat Assessment, plays a pivotal role in safeguarding RBC's digital ecosystem by proactively identifying, prioritizing, and tracking vulnerabilities and emerging threats remediation. This opportunity allows you to lead critical initiatives, such as managing Zero-Day vulnerabilities,...
-
Summer Intern 2026
17 minutes ago
Toronto, Ontario, Canada Mackenzie Financial Corporation Full time $49,000 - $51,000Job DescriptionDivision: IGM-TECHLocation:TorontoIGM Financial Inc. is a leading wealth and asset management company in Canada, managing approximately $271 billion in assets. It offers financial planning and investment services to over two million Canadians through IG Wealth Management and Mackenzie Investments.Mackenzie Investments, founded in 1967, is a...
-
Vulnerability Management Analyst
5 days ago
Toronto, Canada Moneris Solutions Full time**Your Moneris Career - The Opportunity**: We are seeking a skilled and experienced cybersecurity analyst in the area of vulnerability management to join our Security Operations team reporting to Manager, Security Operations. Your role will involve organize and oversee penetration testing, coordinating remediation efforts, conducting vulnerability scans,...
AVP, Threat and Vulnerability Management
22 minutes ago
You are as unique as your background, experience and point of view. Here, you’ll be encouraged, empowered and challenged to be your best self. You'll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you. Your leaders will inspire and help you reach your potential and soar to new heights. Every day, you'll have new and exciting opportunities to make life brighter for our Clients - who are at the heart of everything we do. Discover how you can make a difference in the lives of individuals, families and communities around the world.**Job Description:**Overview As the AVP, Global Threat & Vulnerability Management (TVM) within Digital Security Threat Management (DSTM) under Security, Risk & Crisis Management (SRC), you will lead Sun Life’s global capability for identifying, assessing, prioritizing, and mitigating cyber vulnerabilities and threats across the enterprise. You will oversee multiple sub‑disciplines—vulnerability management, red teaming, threat intelligence, defensive security (blue team), application security platform & testing, and incident management & process development—ensuring Sun Life maintains a resilient and compliant security posture. This role partners closely with Security Engineering & Advisory, Technology Risk & Compliance, Security Governance & Client Programs, Security Initiatives & Awareness, and Security Operations to drive measurable improvements in cyber resilience and reduce enterprise attack surface. Key Responsibilities 1. Enterprise Vulnerability Management Leadership You are the Responsible Person/Contact for the enterprise Vulnerability Management Directive, overseeing the entire vulnerability lifecycle across Sun Life: identification, prioritization, reporting, remediation governance, and compliance monitoring.Your VM program encompasses:* Internal and external vulnerability scanning* Database scanning* Security Scorecard monitoring* Threat‑intel‑driven vulnerability monitoring* Classification of vulnerabilities and zero‑day response* Audit, Client and Regulatory responses.* Management of platforms related to Vulnerability Management.* Produce Senior Leadership and Executive Reporting for all areas of Vulnerability Management.2. Cyber Threat Intelligence & HuntingYou oversee the Cyber Threat Intelligence (CTI) and Cyber Threat Hunting (CTH) function responsible for:* Lead the collection, analysis, and operationalization of internal and external threat intelligence.* Monitoring global threats affecting Sun Life brands, staff, infrastructure, and clients* Identifying indicators of compromise, campaign activity, and attacker behaviors* Producing actionable threat briefings for Security teams, Technology Risk, and senior leadership.* Maintain relationships with intelligence‑sharing communities, industry groups, and government partners.* Ensure threat intelligence directly informs detection engineering, vulnerability prioritization, and offensive testing.* Perform continuous Threat Hunting activities based on Cyber Threat Intelligence and internal Red/Blue team information.* Develop and refine use cases based on threat intelligence and work with Security Operations and Engineering teams to implement for alerting to Defensive Security teams.3. Red Team / Offensive Security OversightYou lead the Offensive Security (Red Team) program, which conducts:* Application, network, social engineering, and physical penetration tests* Adversary emulation engagements* Intelligence Led Penetration Testing* Executes Security Control validation testing to ensure coverage and identify gaps across security controls.* Ensure offensive testing aligns with threat intelligence and focuses on high‑risk assets and emerging attack vectors.* Partner with technology teams to validate remediation effectiveness.* Translate offensive findings into prioritized remediation actions and long‑term security improvements.4. Blue Team / Defensive Security OversightYou lead the Defensive Security (Blue Team) program, which:* Responds to detections from security controls* Ensure defensive capabilities evolve based on threat intelligence and offensive testing results.* Partner with Offensive Security, Cyber Threat Intelligence and Security Operations to enhance detection coverage, reduce dwell time, and improve alert fidelity.5. Security Incident & Process ManagementYou lead the Security Incident team which:* Responds to security incidents and takes appropriate actions* Govern the maturity of incident response processes, playbooks, and readiness exercises.* Ensure consistent, high‑quality incident handling with clear communication and post‑incident reviews.6. Application Security Platforms* Oversee application security scanning capabilities including static, dynamic, software composition and mobile analysis.* Partner with DevOps teams to ensure application security capabilities are integrated into DevOps pipelines.* Identify systemic application security weaknesses and drive long‑term remediation strategies.* Provide secure development guidance and support targeted developer training in partnership with the AVP of Security Initiatives, Training & Awareness.* Ensure application security findings are integrated into enterprise vulnerability reporting.7. Application Security Testing* Leads Sun Life’s Application Security Testing function, owning the strategy, execution, and continuous improvement of the enterprise testing framework.* Ensure critical applications have penetration testing performed on an annual basis.* Ensures results are consistent, high‑quality, repeatable, and meet enterprise governance expectations.* Drives adoption of advanced testing approaches, including AI‑assisted vulnerability remediation and testing enhancements.8. Cross‑Functional Collaboration • Partner with:* Security Engineering & Advisory on architecture alignment, secure design, and technical remediation.* Technology Risk & Compliance to ensure alignment with regulatory expectations, audit requirements, and risk frameworks.* Security Governance & Client Programs to support client assurance, governance reporting, and due diligence.* Security Initiatives, Training & Awareness to develop training based on recurring vulnerability, threat, and AppSec trends.* Security Operations to enhance detection, response, and threat hunting capabilities.9. Metrics, Reporting & Executive Communication* Define KPIs, KRIs, and dashboards that measure vulnerability exposure, application security maturity, remediation performance, and threat trends.* Deliver regular briefings to senior leadership, risk committees, and the board.* Translate complex technical risks into clear business impacts and recommended actions.* Provide transparent reporting on remediation performance, threat landscape changes, and exposure reduction progress.* Provide updates to regulatory bodies regarding the security posture or any related incidents.Qualifications* 15+ years of cybersecurity experience, with deep expertise in vulnerability management, threat intelligence, application security, or offensive/defensive security.* Proven leadership experience managing technical teams and enterprise‑scale security programs.* Strong understanding of vulnerability scanning tools, AppSec testing platforms, cloud security, and threat intelligence technologies.* Demonstrated expertise in Red and Blue Team operations, including hands‑on knowledge of adversary emulation, penetration testing (web, network, cloud), threat hunting, incident detection and response, malware analysis, and validation of security controls across complex enterprise environments.* Deep understanding of secure coding practices, shift left practices, application security capabilities, CI/CD pipelines, and DevSecOps principles.* Experience working in regulated industries and supporting audits, regulators,
#J-18808-Ljbffr
