Individually we are people, but together we are Aviva. Individually these are just words, but together they are our Values – Care, Commitment, Community, and Confidence.
We are looking for a positive and forward-thinking IT Risk and Controls Partner specializing in Cyber and Information Security. The ideal candidate will have outstanding collaboration and interpersonal skills, good communication and expertise knowledge and experience. This role will report directly into the Head of Technology Strategic Initiatives, Risk and Operations and will be a key role within IT’s first line risk and control team and critical to ensuring a strong risk culture across the department.
What you'll do
You will deliver efficient, effective and timely first line oversight of risk management related to Cyber and information security risks of which Aviva Canada is exposed. This includes activities required by Aviva Canada’s operational risk and control methodology, for example:
Performing Risk and Control assessments
Managing risk events and issues, facilitating root cause analysis of incidents and quantifying impact of loss events
Monitoring the IT risk profile, KRIs and associated metrics of Aviva Canada’s cyber and information security risks to proactively identify changes in the risk profile and emerging risks
Support in depth analysis on inherent and residual risk faced by Aviva Canada in relation to Cyber and Data loss risks
Monitor and report the status of management’s IT risk response plans
Ensuring our GRC tool ‘iCare’ is reliable and up to date
Reporting on identified IT and cyber-security vulnerabilities with language that senior leaders can understand and use
Develop and manage relationships with technology / CISO partners; this includes Aviva Canada and Aviva Group second and third lines of defense, Aviva Canada’s other first line risk and control teams.
Periodically analyze relevant risk data (internal and external) to identify common themes, patterns and/or trends at an aggregate level.
Act as an SME on cyber and information security to support Aviva Canada’s technology and business transformation projects where required.
Support the identification and reporting submissions for Aviva Canada of regulatory surveys and remain up to date on new developments and emerging risks.
What you'll bring
5+ years of experience within IT Operations, IT System Development Life Cycle, IT and/or Cyber Risk Management, Governance and/or Audit.
Effective communication, listening, presentation, and facilitation skills.
Effective interpersonal, leadership, and relationship-building skills in engaging with various levels of management.
Ability to analyze complex data sets, identify trends and communicate actionable conclusions
Strong strategic and critical thinking skills.
Experience using GRC risk management tools.
Professional certifications and member of associations such as CRISC, CISA, CISSP, CISM etc. are an asset.
What you’ll get
The salary band for this position ranges from $115,000 to $150,000. Please note that individual salary is determined by factors such as job-related knowledge, skills and experience, as well as internal equity.
Compelling rewards package including base compensation, eligibility for annual bonus, retirement savings, share plan, health benefits, personal wellness, and volunteer opportunities.
Outstanding Career Development opportunities.
We’ll support your professional development education.
Competitive vacation package with the option to purchase 5 extra days off per year.
Employee driven programs focused on gender, LGBTQ+, origins, diversity, and inclusion.
Corporate wellness programs to support our employees’ physical and mental health.
Hybrid flexible work model.
This job advertisement is for an existing vacancy which has been posted both internally & externally.
Aviva Canada may use AI (Artificial Intelligence) tools to assist us throughout the recruitment process to screen, assess or select applicants for a position.
Aviva Canada welcomes applications from all qualified individuals and has a process in place to provide accommodations for persons with disabilities at all stages of the hiring process and during employment. If you require an accommodation during the interview or hiring process, please contact your Aviva Talent Acquisition Partner so that an appropriate accommodation can be arranged.
#LI-PS1
#LI-Hybrid
IT Risk & Controls Partner (Information Security) • Markham
Canada’s largest home and commercial services companies servicing over one million customers across Ontario, Manitoba, Saskatchewan, Alberta, British Columbia, Quebec and New Brunswick.Enercare is ... Show more
A leading technology firm in Toronto is looking for an IT Audit Manager to execute and complete cybersecurity process audits.This mid-senior level position requires 4+ years of experience in IT aud... Show more
Lead the Cybersecurity Governance initiatives at GreenShield as the Director of Information Security Governance.This strategic role combines leadership with operational oversight, ensuring a risk-a... Show more
Lead information security operations in a global investment firm as the Director of Security Operations.Ensure effective incident response and enhance organizational security posture.In this senior... Show more
The Manager, Information Risk Management, plays a key role in providing independent Line 2 oversight across Global Cybersecurity Services (GCS) and broader technology domains.This role leads and ex... Show more
IT Risk & Controls Partner (Information Security) page is loaded## IT Risk & Controls Partner (Information Security)locations: Markhamposted on: Publié aujourd'huijob requisition id: R-163697... Show more
A leading security consultancy in Ontario seeks an Information & Application Security Manager to lead their cybersecurity strategy and oversee IT, applications, and infrastructure security.This han... Show more
A leading consulting firm is seeking a Senior Manager for their Technology Risk Services team in Toronto.This role involves managing IT audits, mentoring junior staff, and engaging with clients in ... Show more
Senior Manager - IT Governance Risk and Control.Posted Wednesday, March 25, 2026 at 4:00 a.Canada’s largest home and commercial services companies servicing over one million customers across Ontari... Show more
The Manager, Technology Risk and Controls is a hands‑on technical manager that supports the engineering, automation, and operationalisation of Technology and Cyber Risk controls and compliance acro... Show more
An educational organization in Toronto is seeking an IT Manager to lead the technology strategy and ensure reliable systems across its corporate and franchise environments.This role requires strong... Show more
A leading Canadian credit union in Toronto seeks an IT Risk Oversight Specialist to manage IT risk oversight programs, lead audit activities, and provide independent oversight reporting.The role re... Show more
Lead a transformative internal controls function as the Director of Internal Controls.Oversee AI-enabled controls, ensuring compliance and mitigating risks through innovative and robust operational... Show more
Drive security initiatives as an Information Security Specialist, protecting critical assets.Utilize your expertise in cybersecurity while collaborating with business and IT stakeholders in a hybri... Show more
Set the strategic direction of the design, development, and implementation of domain-level reports for IT Risk Management.Lead a team to a standard of excellence for the development and publication... Show more
Join an elite investment manager as the Director of Information Security Operations, responsible for leading security initiatives and implementing cutting-edge technology safeguards.Focus on threat... Show more
Our client is a well-funded, seed-stage AI startup that builds agents for the factory floor.They develop and distribute a software-first agent layer that plugs into the cameras and machines factori... Show more
Senior Manager, Information Security Risk & Governance.The Senior Manager, Information Security Risk & Governance leads the Information Security Risk Management and Governance programs.Their main o... Show more
){kind=logo}
