AVP, Threat and Vulnerability Management

Sun Life Financial • Full-time • Sun Life Toronto One York, Canada • 1d ago

You are as unique as your background, experience and point of view. Here, you’ll be encouraged, empowered and challenged to be your best self. You'll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you. Your leaders will inspire and help you reach your potential and soar to new heights. Every day, you'll have new and exciting opportunities to make life brighter for our Clients - who are at the heart of everything we do. Discover how you can make a difference in the lives of individuals, families and communities around the world.

Job Description:

Overview

As the AVP, Global Threat & Vulnerability Management (TVM) within Digital Security Threat Management (DSTM) under Security, Risk & Crisis Management (SRC), you will lead Sun Life’s global capability for identifying, assessing, prioritizing, and mitigating cyber vulnerabilities and threats across the enterprise. You will oversee multiple sub‑disciplines—vulnerability management, red teaming, threat intelligence, defensive security (blue team), application security platform & testing, and incident management & process development—ensuring Sun Life maintains a resilient and compliant security posture.

This role partners closely with Security Engineering & Advisory, Technology Risk & Compliance, Security Governance & Client Programs, Security Initiatives & Awareness, and Security Operations to drive measurable improvements in cyber resilience and reduce enterprise attack surface.

Key Responsibilities

1. Enterprise Vulnerability Management Leadership

You are the Responsible Person/Contact for the enterprise Vulnerability Management Directive, overseeing the entire vulnerability lifecycle across Sun Life: identification, prioritization, reporting, remediation governance, and compliance monitoring.

Your VM program encompasses:

Internal and external vulnerability scanning
Database scanning
Security Scorecard monitoring
Threat‑intel‑driven vulnerability monitoring
Classification of vulnerabilities and zero‑day response
Audit, Client and Regulatory responses.
Management of platforms related to Vulnerability Management.
Produce Senior Leadership and Executive Reporting for all areas of Vulnerability Management.

2. Cyber Threat Intelligence & Hunting

You oversee the Cyber Threat Intelligence (CTI) and Cyber Threat Hunting (CTH) function responsible for:

Lead the collection, analysis, and operationalization of internal and external threat intelligence.
Monitoring global threats affecting Sun Life brands, staff, infrastructure, and clients
Identifying indicators of compromise, campaign activity, and attacker behaviors
Producing actionable threat briefings for Security teams, Technology Risk, and senior leadership.
Maintain relationships with intelligence‑sharing communities, industry groups, and government partners.
Ensure threat intelligence directly informs detection engineering, vulnerability prioritization, and offensive testing.
Perform continuous Threat Hunting activities based on Cyber Threat Intelligence and internal Red/Blue team information.
Develop and refine use cases based on threat intelligence and work with Security Operations and Engineering teams to implement for alerting to Defensive Security teams.

3. Red Team / Offensive Security Oversight

You lead the Offensive Security (Red Team) program, which conducts:

Application, network, social engineering, and physical penetration tests
Adversary emulation engagements
Intelligence Led Penetration Testing
Executes Security Control validation testing to ensure coverage and identify gaps across security controls.
Ensure offensive testing aligns with threat intelligence and focuses on high‑risk assets and emerging attack vectors.
Partner with technology teams to validate remediation effectiveness.
Translate offensive findings into prioritized remediation actions and long‑term security improvements.

4. Blue Team / Defensive Security Oversight

You lead the Defensive Security (Blue Team) program, which:

Responds to detections from security controls
Ensure defensive capabilities evolve based on threat intelligence and offensive testing results.
Partner with Offensive Security, Cyber Threat Intelligence and Security Operations to enhance detection coverage, reduce dwell time, and improve alert fidelity.

5. Security Incident & Process Management

You lead the Security Incident team which:

Responds to security incidents and takes appropriate actions
Govern the maturity of incident response processes, playbooks, and readiness exercises.
Ensure consistent, high‑quality incident handling with clear communication and post‑incident reviews.

6. Application Security Platforms

Oversee application security scanning capabilities including static, dynamic, software composition and mobile analysis.
Partner with DevOps teams to ensure application security capabilities are integrated into DevOps pipelines.
Identify systemic application security weaknesses and drive long‑term remediation strategies.
Provide secure development guidance and support targeted developer training in partnership with the AVP of Security Initiatives, Training & Awareness.
Ensure application security findings are integrated into enterprise vulnerability reporting.

7. Application Security Testing

Leads Sun Life’s Application Security Testing function, owning the strategy, execution, and continuous improvement of the enterprise testing framework.
Ensure critical applications have penetration testing performed on an annual basis.
Ensures results are consistent, high‑quality, repeatable, and meet enterprise governance expectations.
Drives adoption of advanced testing approaches, including AI‑assisted vulnerability remediation and testing enhancements.

8. Cross‑Functional Collaboration

• Partner with:

Security Engineering & Advisory on architecture alignment, secure design, and technical remediation.
Technology Risk & Compliance to ensure alignment with regulatory expectations, audit requirements, and risk frameworks.
Security Governance & Client Programs to support client assurance, governance reporting, and due diligence.
Security Initiatives, Training & Awareness to develop training based on recurring vulnerability, threat, and AppSec trends.
Security Operations to enhance detection, response, and threat hunting capabilities.

9. Metrics, Reporting & Executive Communication

Define KPIs, KRIs, and dashboards that measure vulnerability exposure, application security maturity, remediation performance, and threat trends.
Deliver regular briefings to senior leadership, risk committees, and the board.
Translate complex technical risks into clear business impacts and recommended actions.
Provide transparent reporting on remediation performance, threat landscape changes, and exposure reduction progress.
Provide updates to regulatory bodies regarding the security posture or any related incidents.

Qualifications

15+ years of cybersecurity experience, with deep expertise in vulnerability management, threat intelligence, application security, or offensive/defensive security.
Proven leadership experience managing technical teams and enterprise‑scale security programs.
Strong understanding of vulnerability scanning tools, AppSec testing platforms, cloud security, and threat intelligence technologies.
Demonstrated expertise in Red and Blue Team operations, including hands‑on knowledge of adversary emulation, penetration testing (web, network, cloud), threat hunting, incident detection and response, malware analysis, and validation of security controls across complex enterprise environments.
Deep understanding of secure coding practices, shift left practices, application security capabilities, CI/CD pipelines, and DevSecOps principles.
Experience working in regulated industries and supporting audits, regulators, and client assurance programs.
Excellent communication skills with the ability to influence senior executives and technical teams.
Demonstrated ability to lead through complexity, ambiguity, and rapid change.
Certifications such as CISSP, CISM, GIAC, OSCP, GCTI, or CSSLP.
Experience with automation, secure SDLC, and large‑scale application security programs.
Background in cyber risk quantification or exposure analytics.
Experience with cloud‑native security tooling and modern application architectures.

Leadership Competencies

Strategic thinker with the ability to anticipate emerging threats and evolving attack surfaces.

Strong decision‑making skills and the ability to operate effectively under pressure.
Ability to build trust and drive alignment across diverse technology and business teams.
High integrity, accountability, and a commitment to continuous improvement.
Skilled at developing leaders, building high‑performing teams, building succession, supporting early‑career talent and fostering a culture of security excellence.
Ability to deliver clear, concise communication of complex risk topics to senior leadership.
Ability to influence across business units without authority.
Skill in preparing regulatory‑grade evidence, narratives, and rationale.

What’s in it for you?

Great Place to Work® Certified for Most Trusted Executive Team in Canada – 2025, 2024 and 2023
Great Place to Work® Certified for Best Workplaces in Canada - 2025
Canada Order of Excellence for Mental Health at Work® certification from Excellence Canada. Sun Life is one of only four companies in Canada to ever receive this certification – 2024
Top Work Places® for Remote Work – Monster Canada - 2024
Great Place to Work® Certified for Best Workplaces in Canada – 2024 and 2022
Great Place to Work® Certified for Best Workplaces for Women in Canada - 2024
Flexible hybrid work model. #LI-Hybrid
Pension, stock and savings programs to help build and enhance your future financial security
Work and professional development that is united by our Purpose: to help Clients and Employees achieve lifetime financial security and live healthier lives
A friendly, collaborative and inclusive culture
Be part of our continuous improvement journey in developing the next greatest digital enterprise experience.
Competitive salary and bonus structure influenced by market range data
The opportunity to move along a variety of career paths with amazing networking potential

The Base Pay range is for the primary location for which the job is posted. It may vary depending on the work location of the successful candidate or other factors. In addition to Base Pay, eligible Sun Life employees participate in various incentive plans, payment under which is discretionary and subject to individual and company performance. Certain sales focused roles have sales incentive plans based on individual or group sales results.

Diversity and inclusion have always been at the core of our values at Sun Life. A diverse workforce with wide perspectives and creative ideas benefits our Clients, the communities where we operate and all of us as colleagues. We welcome applications from qualified individuals from all backgrounds.

Persons with disabilities who need accommodation in the application process, or those needing job postings in an alternative format, may e-mail a request to thebrightside@sunlife.com.

We are proud to be a hybrid organization that offers our employees the choice and flexibility to work from both the office and virtually based on the needs of the business, our Clients and you! Several work options are available and can be discussed throughout the selection process depending on the role requirements and individual needs.

We may use artificial intelligence to support candidate sourcing, screening, interview scheduling.

We thank all applicants for showing an interest in this position. Only those selected for an interview will be contacted.

Salary Range:

145,000/145 000 - 235,000/235 000

Job Category:

IT - Technology Services

Posting End Date:

16/02/2026