Security GRC Specialist

At Aviso, we are dedicated to improving the financial well-being of Canadians. As a leading wealth management organization, we are committed to leadership, innovation, partnership, responsibility, and community. Working with talented and energetic professionals who exemplify our values every day, you will quickly notice that our people and dynamic ‘oneaviso’ culture sets us apart. If you are looking for interesting and challenging work, at a company committed to its people, find out more about what Aviso has to offer at

The Opportunity:

We’re looking for an experienced Security GRC Specialist to join our growing Security GRC team.

Reporting to the Director of Security Governance, Risk & Compliance (GRC), the Security GRC Specialist will be responsible to govern the risk management lifecycle, including monitoring findings remediation, assurance programs and reporting appropriate metrics to the senior leadership.

Who you are:

• Service – You put your clients’ needs first. You advocate service excellence, and work to deliver client-centric solutions, and proactively develop strategic partnerships that allow Aviso to become a trusted advisor and partner
• Execution – You are committed to achieving your goals and to succeed. This includes focusing on “getting things done”, as well as recognizing and taking advantage of opportunities as they arise. You are consistently looking for ways to improve your personal best and see value in continuous improvement. You take accountability for your actions and learn from mistakes
• Collaboration – You work collaboratively with others with the common goal of driving positive results. Making meaningful contributions to your team to achieve organizational goals is a priority. You proactively encourage collaboration, build trust and inclusion, and work to establish effective relationships both inside and outside of the organization

What your day looks like:

Risk Management

• Conduct risk assessments of IT infrastructure, applications, third parties, and critical processes to identify, assess and report on technology and cybersecurity risks
• Track and Manage mitigation plans and ensure timely resolution
• Support the development and maintenance of cybersecurity risk register KPI monitoring and reporting

Governance

• Assist in development, review and maintenance of Technology & Cybersecurity Policies, Standards, and procedures
• Ensure alignment of internal policies with industry frameworks (NIST, ISO, COBIT) ·
• Support audits and board level reporting including preparing key metrics

Assurance

• Monitor compliance with external regulatory and internal control requirements
• Support internal and external audits · Conduct periodic control testing including design and operating effectiveness

Third Party Risk

• Support vendor risk assessments, including reviewing response to questionnaire

GRC Tools ·

• Maintain and enhance governance process through GRC tools (, Archer, ServiceNow GRC, Resolver etc.)
• Support reporting, dashboard creation and automation of risk and compliance processes

Requirements

Your experience and skills:

• Bachelor's Degree in Information Security, Computer Science, Business, Risk Management or a related field
• Relevant certifications such as CRISC, CISA, CISSP are an asset
• 5-8 years of experience in IT risk, cybersecurity risk, audit, compliance or equivalent roles
• Working knowledge of IT governance frameworks and standards (, NIST CSF, ISO 27001, ITIL)
• Familiarity with regulatory and compliance requirements
• Experience with GRC platforms and tools
• Ability to work in a fast-paced environment and stay updated on emerging threats and vulnerabilities
• Proactiveness, natural curiosity, a willingness to learn, adaptability in an evolving environment, and a strong problem-solving mindset
• Ability to work across multiple business units and collaborate across teams
• Fluent communication skills in English are required and bilingual skills in French are an asset

Benefits

Why Aviso?

At Aviso, you will find a dynamic and inclusive culture that rewards innovation and celebrates success.
Here are a few things that set us apart:

• Competitive compensation package that rewards and recognizes individual contributions
• Excellent health, dental and insurance benefits to meet the diverse needs of our employees
• Generous vacation time, fitness benefit, parental leave top-up options
• Matching contributions to our retirement program
• Commitment to the continuous improvement of our staff through learning & development and an education assistance program
• Regular social events to foster teamwork

Your Information

By submitting your application, you consent to the collection, use, and disclosure of your provided personal information for the purposes of assessing your qualifications and suitability for employment with Aviso. Your information will be handled in accordance with applicable Canadian privacy laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA) and relevant provincial legislation. Your data may be shared with authorized personnel involved in the recruitment process and retained only as long as necessary to fulfill these purposes or as required by law.

Further information is available on the Privacy link on our Career Page – Privacy Policies

Equal Employment Opportunity

Aviso welcomes and encourages applications from all qualified individuals including persons with disabilities. If you require an accommodation, we will work with you to meet your needs in all stages of the hiring process.

We thank all applicants for their interest, however, only those selected for further consideration will be contacted.

No recruiters or agencies, please.

Company Overview:

Aviso is a leading wealth management and investment services provider for the Canadian financial industry, with approximately $145 billion in total assets under administration and management, and over 1,000 employees. We’re building a comprehensive, technology-enabled, client-centric wealth services ecosystem. Our clients include our partners, advisors, and investors. We’re a trusted partner for nearly all credit unions across Canada, in addition to a wide range of portfolio managers, investment dealers, insurance and trust companies, and introducing brokers. Our partners depend on Aviso for specific solutions that give them a competitive edge in a rapidly evolving, highly competitive industry. Our investment dealer and mutual fund dealer and our insurance services support thousands of investment advisors. Our asset manager, NEI Investments, specializes in investing responsibly. Our online brokerage, Qtrade Direct Investing, empowers self-directed investors, and our fully automated investing service, Qtrade Guided Portfolios, serves investors who prefer a hands-off approach. Aviso Correspondent Partners provides custodial and carrying broker services to a wide range of firms. We have offices in Toronto, Vancouver, Montreal, and Winnipeg. Aviso is backed by the collective strength of our owners: the credit union Centrals, Co-operators/CUMIS, and Desjardins. We’re proud to power businesses that empower investors.

A career with Aviso means being part of a group of talented, energetic professionals who live their values every day, and belonging to an organization dedicated to your success and career development. If you’re looking for interesting and challenging work, at a company committed to its people, apply to join our team.

Salary

This position is posted with an expected salary range of $105000 - $125,000 CAD annually. Individual compensation packages are based on various factors unique to each candidate and the requirements of the position.