Cybersecurity Vulnerability Management Analyst

Individually we are people, but together we are Aviva. Individually these are just words, but together they are our Values – Care, Commitment, Community, and Confidence.

We are seeking a resourceful and forward-thinking Vulnerability Management Analyst. Your primary role is to operate information security’s vulnerability management program, work with peers in different decision centers to remediate vulnerabilities, present the findings and help others in remediation activities - so strong problem-solving skills are a must. This position is critical to the success of the organization by providing outstanding understanding of attack surface of Aviva’s infrastructure. You will also ensure that appropriate security controls are applied and tested throughout the software development lifecycle.

Responsibilities include planning and prioritizing vulnerability scanning activities and coordinating remediation efforts. The role involves taking ownership of vulnerability management activities like – scanning, triaging, prioritization and streamlining the vulnerability management process with timely remediation. This role will report the maturity of scanning and vulnerability findings to different partners.

The role is part of Aviva’s Canada information security operations team.

The incumbent will have extensive experience with Information Technology and expert level knowledge of Information Security principles as well as basic project-management skills, with outstanding communications skills.

Does this sound like you?!

What you'll do

• Operate information security’s vulnerability management program efficiently to reduce operational risks and meet the program’s SLAs and KPIs.

• Ensure that appropriate security controls are applied and tested throughout the software development lifecycle. Work on vulnerability management process with ability to identify, resolve and improve efficiency in operations.

• Identify gaps and support action plans to strengthen Vulnerability Management control efficiency.

• Partner with multiple teams across the organization and 3rd party service provider to map, track, monitor and communicate progress on vulnerability remediation activities.

• Provide technical guidance collaboratively to peers in both IT and information security on vulnerability remediation.

• Provide the required support to senior management on matters related to vulnerability management program.

• Anticipate and plan for future risk in meeting vulnerability SLA’s Coordinate and communicate with internal partners across the IT department.

• Ensure all Vulnerability Management related controls are demonstrable and sustainable on a continuous basis.

• Ability to adapt in a fast-paced environment.

What you'll bring

• Bachelor's Degree with a focus on Cybersecurity or equivalent experience.

• Financial industry specific background would be an asset.

• A background in information security operations; threat and vulnerability management.

• At least 3 years’ experience working in an enterprise IT environment; Demonstrated ability to establish effective working relationships and collaborative work approaches with both internal and external peers.

• Active information security certification, such as CISSP, OSCP, etc.

• Deep technical skills, knowledge of network protocols and network communication principles, understanding of vulnerabilities and remediation techniques. Build procedures and customized scan configurations appropriate for the desired performance and accuracy.

• Skilled at reviewing, analyzing, discussing, explaining, and reporting vulnerability scan results.

• Good interpersonal skills, ability to handle multiple projects simultaneously in a controlled manner.

• Outstanding communications skills including preparing briefings, presentations, and oral status reports.

• Possess strong analytical skills and problem-solving capabilities.

• Experience with vulnerability management solutions.

What you’ll get

• Compelling rewards package including base compensation, eligibility for annual bonus, retirement savings, share plan, health benefits, personal wellness, and volunteer opportunities.

• Outstanding Career Development opportunities.

• We’ll support your professional development education.

• Competitive vacation package with the option to purchase 5 extra days off per year.

• Employee driven programs focused on gender, LGBTQ+, origins, diversity, and inclusion.

• Corporate wellness programs to support our employees’ physical and mental health.

• Hybrid flexible work model.

Please note that we may use AI tools to help us through the recruitment process. This is a new position which has been posted both internally & externally.

Aviva Canada has an accommodation process in place to provide accommodations for employees with disabilities. If upon commencement of employment you require a specific accommodation because of a disability, please contact your Talent Acquisition Partner so that an appropriate accommodation can be arranged. This process applies throughout your career with Aviva Canada.