Director Security Governance Risk and Compliance
Director Security Governance Risk and Compliance
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Aviso Wealth:
At Aviso we are dedicated to improving the financial wellbeing of Canadians. As a leading wealth management organization we are committed to leadership innovation partnership responsibility and community. Working with talented and energetic professionals who exemplify our values every day you will quickly notice that our people and dynamic oneaviso culture sets us apart. If you are looking for interesting and challenging work at a company committed to its people find out more about what Aviso has to offer at
The Opportunity:
Were looking for a Director Security Governance Risk and Compliance (GRC) to join our Technology Security team.
Reporting to the VP Technology Security the Director Security Governance Risk and Compliance (GRC) is responsible for leading the organizations efforts in managing risk ensuring compliance with regulatory requirements overseeing the awareness programs and maintaining a robust governance framework. The successful candidate will lead efforts to assess and manage risks develop security metrics ensure regulatory compliance and drive security awareness across the organization. This role requires extensive experience with the NIST Cybersecurity Framework (CSF) and ISO 27001 standards to enhance the organizations security posture and align with regulatory requirements industry standards and best practices.
Who you are:
- Service You consider both internal and external stakeholders and demonstrate intent of understanding and putting the clients needs first. You advocate service excellence and work to deliver solutions that meet the needs. You proactively develop strategic partnerships that allow Aviso Wealth to become a trusted advisor and partner
- You are committed to achieving your goals and to succeed. This includes focusing on getting things done as well as recognizing and taking advantage of opportunities as they arise. You are consistently looking for ways to improve your personal best and see value in continuous improvement. You take accountability for your actions and learn from mistakes
- Collaboration You work collaboratively with others with the common goal of driving positive results. Making meaningful contributions to your team to achieve organizational goals is a priority. You proactively encourage collaboration build trust and inclusion and work to establish effective relationships both inside and outside of the organization
- Leadership You lead your team and provide regular direction guidance coaching and motivation all while striving for peak performance. You assist them in overcoming obstacles through additional resources removal of roadblocks and providing the level of support required for their success. You delegate and deliver feedback based on the indepth understanding of your individual team members
What your day looks like:
Governance:
- Develop lead and maintain GRC strategies policies procedures and standards
- Ensure alignment of GRC strategies with business objectives and regulatory requirements
- Lead the development and maintenance of the organizations information security governance framework
Risk Management:
- Develop and craft the overall cybersecurity risk and governance vision
- Identify assess and prioritize cyber risks to the organizations information assets
- Develop and implement risk management strategies and mitigation plans. Ensure that cybersecurity risks are managed collaboratively with the business and decisions are made on a balanced riskprioritized basis
- Develop and maintain the enterprisewide security risk register ensuring risks are properly documented prioritized and mitigated
- Build and develop thirdparty cybersecurity risk management process to continuously assess the organizations third party from a cybersecurity perspective
- Conduct regular risk assessments and audits ensuring compliance with NIST CSF. Lead periodic selfassessments against the framework along with independent thirdparty assessments
Compliance:
- Develop build and refine service metrics KPIs and KRIs for cybersecurity risk and governance functions
- Collaborate with the SOC team to manage security incidents and breaches ensuring root cause analysis and corrective actions are completed
- Ensure compliance with relevant laws regulations and industry standards (e.g. PIPEDA CIRO etc.
- Implement and monitor controls to ensure adherence to NIST CSF. Oversee the organizations NIST CSF certification process and maintain compliance with its requirements
Security Awareness and Training:
- Design and conduct security awareness and training programs for employees such as phishing/spearphishing etc.
- Promote a culture of security awareness and compliance throughout the organization
Collaboration and Communication:
- Work closely with IT legal and other departments to ensure comprehensive GRC practices
- Communicate GRC issues and initiatives to senior management and the board of directors
Requirements
Your experience and skills:
- Bachelors degree in Information Security Computer Science or a related field (Masters degree preferred)
- A minimum of 10 years of experience in information security with at least 5 years in a leadership role
- Extensive experience with NIST CSF and ISO 27001 standards
- Relevant certifications include CISSP CISM CRISC or ISO 27001 Lead Implementer/Auditor
- Strong understanding of regulatory requirements and industry standards (e.g. NIST CSF PIPEDA ISO 27001 etc.
- Proven ability to develop and implement GRC strategies and programs
- Excellent communication leadership and project management skills
- Ability to work effectively in a fastpaced dynamic environment
- Experience with cloud environments preferred (Azure AWS Google)
- Strong analytical and problemsolving skills
- Ability to influence and collaborate with stakeholders at all levels of the organization
- Fluent communication skills in English are required and bilingual French skills are an asset
Benefits
Why Aviso Wealth
At Aviso Wealth you will find a dynamic and inclusive culture that rewards innovation and celebrates success.
Here are a few things that set us apart:
- Competitive compensation package that rewards and recognizes individual contributions
- Excellent health dental and insurance benefits to meet the diverse needs of our employees
- Generous vacation time fitness benefit parental leave topup options
- Matching contributions to our retirement program
- Commitment to the continuous improvement of our staff through learning & development and an education assistance program
- Regular social events to foster teamwork
Equal Employment Opportunity
Aviso Wealth welcomes and encourages applications from all qualified individuals including persons with disabilities. If you require an accommodation we will work with you to meet your needs in all stages of the hiring process.
We thank all applicants for their interest however only those selected for further consideration will be contacted.
No recruiters or agencies please.
Company Overview:
Aviso is a leading wealth management and investment services provider for the Canadian financial industry with over $130 billion in total assets under administration and management and over 1000 employees. Were building a comprehensive technologyenabled clientcentric wealth services ecosystem. Our clients include our partners advisors and investors. Were a trusted partner for nearly all credit unions across Canada in addition to a wide range of portfolio managers investment dealers insurance and trust companies and introducing brokers. Our partners depend on Aviso for specific solutions that give them a competitive edge in a rapidly evolving highly competitive industry. Our investment dealer and mutual fund dealer and our insurance services support thousands of investment advisors. Our asset manager NEI Investments specializes in investing responsibly. Our online brokerage Qtrade Direct Investing empowers selfdirected investors and our fully automated investing service Qtrade Guided Portfolios serves investors who prefer a handsoff approach. Aviso Correspondent Partners provides custodial and carrying broker services to a wide range of firms. We have offices in Toronto Vancouver Montreal and Winnipeg. Aviso is backed by the collective strength of our owners: the credit union Centrals Cooperators/CUMIS and Desjardins. Were proud to power businesses that empower investors.
A career with Aviso means being part of a group of talented energetic professionals who live their values every day and belonging to an organization dedicated to your success and career development. If youre looking for interesting and challenging work at a company committed to its people apply to join our team.
Salary
This position is posted with an expected salary range of $145000 $175000 CAD annually. Individual compensation packages are based on various factors unique to each candidate and the requirements of the position.
Required Experience:
Director
Employment Type
Full-Time
