AVP, Threat and Vulnerability Management

Job in Southwestern Ontario, London, Ontario, Canada
Listing for: Sun Life Financial
Full Time position
Listed on 2026-02-19
Job specializations:
  • IT/Tech
    Cybersecurity, Security Manager, Information Security, IT Consultant
Salary/Wage Range or Industry Benchmark: 80000 - 100000 CAD Yearly
Job Description & How to Apply Below
Location: Southwestern Ontario

You are as unique as your background, experience and point of view. Here, you’ll be encouraged, empowered and challenged to be your best self. You'll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you. Your leaders will inspire and help you reach your potential and soar to new heights. Every day, you'll have new and exciting opportunities to make life brighter for our Clients - who are at the heart of everything we do.

Discover how you can make a difference in the lives of individuals, families and communities around the world.

Overview

As the AVP, Global Threat & Vulnerability Management (TVM) within Digital Security Threat Management (DSTM) under Security, Risk & Crisis Management (SRC), you will lead Sun Life’s global capability for identifying, assessing, prioritizing, and mitigating cyber vulnerabilities and threats across the enterprise. You will oversee multiple sub‑disciplines—vulnerability management, red teaming, threat intelligence, defensive security (blue team), application security platform & testing, and incident management & process development—ensuring Sun Life maintains a resilient and compliant security posture.

This role partners closely with Security Engineering & Advisory, Technology Risk & Compliance, Security Governance & Client Programs, Security Initiatives & Awareness, and Security Operations to drive measurable improvements in cyber resilience and reduce enterprise attack surface.

Responsibilities
  • Enterprise Vulnerability Management Leadership:
    You are the Responsible Person/Contact for the enterprise Vulnerability Management Directive, overseeing the entire vulnerability lifecycle across Sun Life: identification, prioritization, reporting, remediation governance, and compliance monitoring.
  • Cyber Threat Intelligence & Hunting:
    Oversee the Cyber Threat Intelligence (CTI) and Cyber Threat Hunting (CTH) function responsible for collection, analysis, and operationalization of threat intelligence; monitor global threats; identify indicators of compromise and attacker behaviors; produce actionable threat briefings; maintain relationships with intelligence-sharing communities and partners; ensure threat intelligence informs detection engineering, vulnerability prioritization, and offensive testing; perform continuous Threat Hunting; develop and refine use cases with Security Operations and Engineering teams.
  • Red Team / Offensive Security Oversight:
    Lead the Offensive Security (Red Team) program, conducting application, network, social engineering, and physical penetration tests; adversary emulation; intelligence-led penetration testing; validate remediation effectiveness and align with threat intelligence.
  • Blue Team / Defensive Security Oversight:
    Lead the Defensive Security (Blue Team) program; respond to detections; evolve capabilities based on threat intelligence and testing results; partner with Offensive Security, CTI and Security Operations to enhance detection coverage, reduce dwell time, and improve alert fidelity.
  • Security Incident & Process Management:
    Lead the Security Incident team; respond to security incidents; govern maturity of incident response processes, playbooks and readiness exercises; ensure high-quality incident handling with clear communication and post‑incident reviews.
  • Application Security Platforms:
    Oversee application security scanning capabilities (static, dynamic, software composition and mobile analysis); partner with DevOps to integrate security into pipelines; drive remediation strategies and provide secure development guidance; ensure findings feed into enterprise vulnerability reporting.
  • Application Security Testing:
    Lead Sun Life’s Application Security Testing function; own strategy and execution of the enterprise testing framework; ensure annual penetration testing for critical applications; drive high-quality, repeatable results and adoption of advanced testing approaches.
  • Cross‑Functional Collaboration:
    Partner with Security Engineering & Advisory, Technology Risk & Compliance, Security Governance & Client Programs, Security Initiatives & Awareness, and Security Operations to align…