Security GRC Specialist

Aviso is a leading wealth management organization focused on leadership, innovation, partnership, responsibility, and community. Working with talented professionals who exemplify our values, you will notice our dynamic ‘oneaviso' culture. Learn more at The Opportunity We’re looking for an experienced Security GRC Specialist to join our growing Security GRC team. Reporting to the Director of Security Governance, Risk & Compliance (GRC), the Security GRC Specialist will be responsible to govern the risk management lifecycle, including monitoring findings remediation, assurance programs and reporting appropriate metrics to the senior leadership.

Who you are

Service - You put your clients' needs first. You advocate service excellence, and work to deliver client-centric solutions, and proactively develop strategic partnerships that allow Aviso to become a trusted advisor and partner Execution - You are committed to achieving your goals and to succeed. This includes focusing on "getting things done", as well as recognizing and taking advantage of opportunities as they arise. You are consistently looking for ways to improve your personal best and see value in continuous improvement.

You take accountability for your actions and learn from mistakes Collaboration - You work collaboratively with others with the common goal of driving positive results. Making meaningful contributions to your team to achieve organizational goals is a priority. You proactively encourage collaboration, build trust and inclusion, and work to establish effective relationships both inside and outside of the organization What your day looks like Conduct risk assessments of IT infrastructure, applications, third parties, and critical processes to identify, assess and report on technology and cybersecurity risks Track and Manage mitigation plans and ensure timely resolution Support the development and maintenance of cybersecurity risk register KPI monitoring and reporting Risk related sections (Governance, Assurance, Third Party Risk) are described below, along with GRC tooling. Governance Assist in development, review and maintenance of Technology & Cybersecurity Policies, Standards, and procedures Ensure alignment of internal policies with industry frameworks (NIST, ISO, COBIT) Support audits and board level reporting including preparing key metrics Assurance Monitor compliance with external regulatory and internal control requirements Support internal and external audits; conduct periodic control testing including design and operating effectiveness Third Party Risk Support vendor risk assessments, including reviewing response to questionnaire Maintain and enhance governance process through GRC tools (e.g., Archer, ServiceNow GRC, Resolver, etc.) Support reporting, dashboard creation and automation of risk and compliance processes GRC Tools Maintain and enhance governance processes through GRC tools (e.g., Archer, ServiceNow GRC, Resolver, etc.) Support reporting, dashboard creation and automation of risk and compliance processes Requirements Your experience and skills: Bachelor's Degree in Information Security, Computer Science, Business, Risk Management or a related field Relevant certifications such as CRISC, CISA, CISSP are an asset 5-8 years of experience in IT risk, cybersecurity risk, audit, compliance or equivalent roles Working knowledge of IT governance frameworks and standards (e.g., NIST CSF, ISO 27001, ITIL) Familiarity with regulatory and compliance requirements Experience with GRC platforms and tools Ability to work in a fast-paced environment and stay updated on emerging threats and vulnerabilities Proactiveness, natural curiosity, a willingness to learn, adaptability in an evolving environment, and a strong problem-solving mindset Ability to work across multiple business units and collaborate across teams Fluent communication skills in English are required; bilingual skills in French are an asset Benefits Competitive compensation package that rewards and recognizes individual contributions Excellent health, dental and insurance benefits Generous vacation time, fitness benefit, parental leave top-up options Matching contributions to our retirement program Commitment to continuous improvement through learning & development and an education assistance program Regular social events to foster teamwork Your Information By submitting your application, you consent to the collection, use, and disclosure of your provided personal information for the purposes of assessing your qualifications and suitability for employment with Aviso.

Your information will be handled in accordance with applicable Canadian privacy laws, including PIPEDA and relevant provincial legislation. Your data may be shared with authorized personnel involved in the recruitment process and retained only as long as necessary to fulfill these purposes or as required by law. Further information is available on the Privacy link on our Career Page - Privacy Policies Equal Employment Opportunity Aviso welcomes and encourages applications from all qualified individuals including persons with disabilities. If you require an accommodation, we will work with you to meet your needs in all stages of the hiring process.

We thank all applicants for their interest; however, only those selected for further consideration will be contacted. No recruiters or agencies, please. Company Overview Aviso is a leading wealth management and investment services provider for the Canadian financial industry, with approximately $145 billion in total assets under administration and management, and over 1,000 employees. We are building a technology-enabled, client-centric wealth services ecosystem.

Our clients include partners, advisors, and investors. Aviso collaborates with credit unions, investment dealers, insurance and trust companies, and introducing brokers. Our partners depend on Aviso for solutions that give them a competitive edge. Our services include NEI Investments and Qtrade Direct Investing, among others.

Aviso is backed by the credit union Centrals, Co-operators/CUMIS, and Desjardins. We power businesses that empower investors. A career with Aviso means working with talented, energetic professionals who live our values and pursue success and career development. If you’re looking for interesting and challenging work at a company committed to its people, apply to join our team.

Salary

This position is posted with an expected salary range of $105,000 - $125,000 CAD annually. Individual compensation packages are based on factors unique to each candidate and the requirements of the position. #J-18808-Ljbffr