Security GRC Specialist managing risk lifecycle and compliance at Aviso, a leading wealth management organization. Conducting assessments and supporting governance in a dynamic work environment.
Responsibilities
**What your day looks like:**
*Risk Management *
Conduct risk assessments of IT infrastructure, applications, third parties, and critical processes to identify, assess and report on technology and cybersecurity risks
Track and Manage mitigation plans and ensure timely resolution
Support the development and maintenance of cybersecurity risk register KPI monitoring and reporting
*Governance *
Assist in development, review and maintenance of Technology & Cybersecurity Policies, Standards, and procedures
Ensure alignment of internal policies with industry frameworks (NIST, ISO, COBIT) ·
Support audits and board level reporting including preparing key metrics
*Assurance *
Monitor compliance with external regulatory and internal control requirements
Support internal and external audits · Conduct periodic control testing including design and operating effectiveness
*Third Party Risk *
Support vendor risk assessments, including reviewing response to questionnaire
*GRC Tools ·*
Maintain and enhance governance process through GRC tools (e.g., Archer, ServiceNow GRC, Resolver etc.)
Support reporting, dashboard creation and automation of risk and compliance processes
Requirements
**Your experience and skills:**
Bachelor's Degree in Information Security, Computer Science, Business, Risk Management or a related field
Relevant certifications such as CRISC, CISA, CISSP are an asset
5-8 years of experience in IT risk, cybersecurity risk, audit, compliance or equivalent roles
Working knowledge of IT governance frameworks and standards (e.g., NIST CSF, ISO 27001, ITIL)
Familiarity with regulatory and compliance requirements
Experience with GRC platforms and tools
Ability to work in a fast-paced environment and stay updated on emerging threats and vulnerabilities
Proactiveness, natural curiosity, a willingness to learn, adaptability in an evolving environment, and a strong problem-solving mindset
Ability to work across multiple business units and collaborate across teams
Fluent communication skills in English are required and bilingual skills in French are an asset
Benefits
**Why Aviso?**
At Aviso, you will find a dynamic and inclusive culture that rewards innovation and celebrates success. ** Here are a few things that set us apart:
Competitive compensation package that rewards and recognizes individual contributions
Excellent health, dental and insurance benefits to meet the diverse needs of our employees
Generous vacation time, fitness benefit, parental leave top-up options
Matching contributions to our retirement program
Commitment to the continuous improvement of our staff through learning & development and an education assistance program
Hiring a Threat Modeler / Security Architect with development background for hybrid full - time role in Canada, focusing on application security, threat modeling, and DevSecOps.
Network & Perimeter Security Specialist II - Firewall at Enbridge enhancing security architectures. Providing technical leadership and driving enterprise standards for firewall and network security.
Network and Perimeter Security IT Specialist I at Enbridge overseeing enterprise security architecture and leading large - scale security initiatives. Collaborating across teams to ensure secure solutions and compliance.
Lead critical cybersecurity transformation programmes at Hewlett Packard Enterprise, ensuring alignment with enterprise priorities and delivering complex initiatives. Collaborate with IT, cybersecurity, and business leaders.
Staff Engineer responsible for designing scalable security solutions and collaborating with engineering at Twilio. Empowering security partnerships across products and platforms while mitigating risks.
Head of Infrastructure & Security responsible for cloud infrastructure on GCP and security programs. Leading SaaS development and technical teams at Rebus and Longbow Advantage.
Information Security Lead responsible for managing security programs at Dentons Canada. Overseeing security architecture, operations, incident response, and data protection initiatives.
Cybersecurity expert overseeing information defense, threat detection, and incident response at Investissement Québec. Leading security operations and leveraging AI for effective asset protection.
Lead cybersecurity initiatives and develop strategy for public broadcaster CBC/Radio - Canada. Shape technology road map, collaborate on enterprise architecture, and ensure policy compliance.