Security Grc Specialist

**The Opportunity**:
We’re looking for an experienced Security GRC Specialist to join our growing Security GRC team.

Reporting to the Director of Security Governance, Risk & Compliance (GRC), the Security GRC Specialist will be responsible to govern the risk management lifecycle, including monitoring findings remediation, assurance programs and reporting appropriate metrics to the senior leadership.

**Who you are**:

- **Service** - You consider both internal and external stakeholders and demonstrate intent of understanding and putting the clients’ needs first. You advocate service excellence and work to deliver solutions that meet the needs. You proactively develop strategic partnerships that allow Aviso Wealth to become a trusted advisor and partner
- **Execution** - You are committed to achieving your goals and to succeed. This includes focusing on “getting things done”, as well as recognizing and taking advantage of opportunities as they arise. You are consistently looking for ways to improve your personal best and see value in continuous improvement. You take accountability for your actions and learn from mistakes
- **Collaboration** - You work collaboratively with others with the common goal of driving positive results. Making meaningful contributions to your team to achieve organizational goals is a priority. You proactively encourage collaboration, build trust and inclusion, and work to establish effective relationships both inside and outside of the organization

**What your day looks like**:

- Risk Management _
- Track and Manage mitigation plans and ensure timely resolution
- Support the development and maintenance of cybersecurity risk register KPI monitoring and reporting
- Governance _
- Assist in development, review and maintenance of Technology & Cybersecurity Policies, Standards, and procedures
- Ensure alignment of internal policies with industry frameworks (NIST, ISO, COBIT)
- Support audits and board level reporting including preparing key metrics
- Assurance _
- Monitor compliance with external regulatory and internal control requirements
- Support internal and external audits - Conduct periodic control testing including design and operating effectiveness
- Third Party Risk _
- Support vendor risk assessments, including reviewing response to questionnaire
- GRC Tools -_
- Maintain and enhance governance process through GRC tools (e.g., Archer, ServiceNow GRC, Resolver etc.)
- Support reporting, dashboard creation and automation of risk and compliance processes

**Requirements**:
**Your experience and skills**:

- Bachelor's Degree in Information Security, Computer Science, Business, Risk Management or a related field
- Relevant certifications such as CRISC, CISA, CISSP are an asset
- 5-8 years of experience in IT risk, cybersecurity risk, audit, compliance or equivalent roles
- Working knowledge of IT governance frameworks and standards (e.g., NIST CSF, ISO 27001, ITIL)
- Familiarity with regulatory and compliance requirements
- Experience with GRC platforms and tools
- Ability to work in a fast-paced environment and stay updated on emerging threats and vulnerabilities
- Proactiveness, natural curiosity, a willingness to learn, adaptability in an evolving environment, and a strong problem-solving mindset
- Ability to work across multiple business units and collaborate across teams
- Fluent communication skills in English are required and bilingual skills in French are an asset

**Benefits**

**Why Aviso Wealth?**

At Aviso Wealth, you will find a dynamic and inclusive culture that rewards innovation and celebrates success.
Here are a few things that set us apart:

- Competitive compensation package that rewards and recognizes individual contributions
- Excellent health, dental and insurance benefits to meet the diverse needs of our employees
- Generous vacation time, fitness benefit, parental leave top-up options
- Matching contributions to our retirement program
- Commitment to the continuous improvement of our staff through learning & development and an education assistance program
- Regular social events to foster teamwork

**Equal Employment Opportunity**

We thank all applicants for their interest, however, only those selected for further consideration will be contacted.

No recruiters or agencies, please.

**Company Overview**:
Aviso is a leading wealth management and investment services provider for the Canadian financial industry, with approximately $145 billion in total assets under administration and management, and over 1,000 employees. We’re building a comprehensive, technology-enabled, client-centric wealth services ecosystem. Our clients include our partners, advisors, and investors. We’re a trusted partner for nearly all credit unions across Canada, in addition to a wide range of portfolio managers, investment dealers, insurance and trust companies, and introducing brokers. Our partners depend on Aviso for specific solutions that give them a competitive edge in a rapid