Security Architect
Canada - Markham ON 10 Aviva Way
Full Time Senior-level / Expert USD 107K - 200K
- Remote-first
- Website
- @avivaplc 𝕏
- Search
Aviva
Our global corporate website for investors, shareholders, career hunters, the media and people interested in our social purpose.Individually we are people, but together we are Aviva. Individually these are just words, but together they are our Values – Care, Commitment, Community, and Confidence.
We are looking for a Security Architect who will come in and define and oversee the implementation of strategic cyber security capabilities through contributing to target architecture and roadmaps and working with others to embed ‘security by design’ and ‘privacy by design’ into all projects.
Come join our team!
What you'll do:
Maintain, embed and support development of security enterprise architecture assets ( Principles, Requirements, Target Architectures, Standards, and Roadmaps) in solutions
Work with business and IT change project managers and solution architects to set projects up for success by driving alignment to principles and standards
Work with technical and business partners to provide direction and drive issue resolution - providing analysis, identifying key decisions, and capturing next steps or plan for issue resolution.
Lead or support strategic design reviews at key points of the project lifecycle to identify any risks or capability gaps that need addressing
Support architecture governance using CISO and Group Architecture governance processes and board structures
Provide ad-hoc reports, viewpoints and white papers to respond to management questions, project issues etc.
Information Protection: Data discovery, labelling & classification, data monitoring & data loss prevention, rights management
Security Management Services: Security monitoring, event correlation and user behaviour analytics, vulnerability management, risk management, and threat intelligence
Application & Database Security: SDLC tooling incl. code scanning solutions, Database firewall & activity monitoring, application secrets management
Leading the requirements and direction for Infrastructure Security Domains provided by Infrastructure & Operations:
Identity & Access Management: RBAC, recertification, federation, key & certificate management, conditional and posture-based access, MFA incl. biometric, privileged access management
Infrastructure protection: Signature and advanced anti-malware, endpoint lockdown, network security incl. gateways and IDS/IPS, infrastructure patching, build and patch compliance Risk & Controls
Identify, own and manage the specific key risks and/or IT controls and BP standards that you are identified as the owner and/or nominee for on iCARE or Archer. Ensure that issues and actions associated to controls / risks are remediated in a timely manner. Maintain appropriate records on iCARE or Archer . Ensure that controls are sufficiently well designed and operating effectively to keep the risks that they mitigate within Aviva's tolerance level
Accountable for solving problems and dealing with difficulties in line with policy, process and other guidelines applying technical knowledge and expertise
Depending on the nature of the specific role, problems can range from repetitive daily issues to complex technical problems requiring significant expertise: able to make complex architectural decisions (for ratification by CISO & CIO boards) using conceptual, logical and physical views
Accountable for road map development that supports planning and optimisation of complex projects/programmes that will impact multiple markets
Take personal initiative in adapting to change Internal Collaboration
Build effective working relationships across aligned CISO and IT teams associated with owned Security Architecture domain.
Build effective working relationships across relevant teams in external suppliers, through communities, conferences and forums using industry awareness, methods and techniques for the benefit of Aviva Timeframe
What you'll bring:
Educated to Degree level (or equivalent) preferably in Technology or Information Security
Professional qualification in Information Security e.g. Certified Information Systems Security Professional (CISSP) or similar
Professional qualification in Architecture Development methods (e.g. TOGAF)
Have demonstrable, well grounded experience in an information security field including key technologies and use of key Information Security Frameworks (e.g. ISF, NIST, ISO)
Experience of operating and engaging with senior management
Experience of operating in a home team, and in virtual teams aligned to Domains and Projects
Be adept at identifying and addressing emerging domain trends and articulating considerations, impacts and future decisions
What you’ll get:
The salary band for this position ranges from $107,700 to $200,100. Please note that individual salary is determined by factors such as job-related knowledge, skills and experience, as well as internal equity.
Compelling rewards package including base compensation, eligibility for annual bonus, retirement savings, share plan, health benefits, personal wellness, and volunteer opportunities.
Outstanding Career Development opportunities.
We’ll support your professional development education.
Competitive vacation package with the option to purchase 5 extra days off per year
Employee driven programs focused on gender, LGBTQ+, origins, diversity and inclusion
Corporate wellness programs to support our employees’ physical and mental health
Hybrid flexible work model
Please note that we may use AI tools to help us through the recruitment process. This is a new position which has been posted both internally & externally.
Aviva Canada has an accommodation process in place to provide accommodations for employees with disabilities. If upon commencement of employment you require a specific accommodation because of a disability, please contact your Talent Acquisition Partner so that an appropriate accommodation can be arranged. This process applies throughout your career with Aviva Canada.
Tags: Analytics Certificate management CISO CISSP Compliance Firewalls Governance IDS IPS Malware Monitoring Network security NIST Privacy Risk management SDLC Threat intelligence TOGAF Vulnerability management
Perks/benefits: Career development Competitive pay Conferences Equity / stock options Flex hours Flex vacation Health care Salary bonus Wellness
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.