Working within Global Platforms to provide IT maintenance, support, and
software delivery mechanisms to ensure the Aviva business has reliable
and trusted services and can move forward in its Digital aspirations.
The Platforms area manages the controlled, reliable and predictable
delivery of change within the complex and shifting environment across
multiple platforms and teams.
GI & Operations Platforms
The team lead on:
- Bringing together and driving solutions for the GI Business and Operations.
- Driving platform stability, integrity and security for their
customers through robust operational discipline.
- Ensuring that platform change and engagement is simple, fast and
cost effective by building world class engineering capability,
enabling us to Defy Uncertainty for our customers at pace.
- Ensuring that the platforms remain highly competitive and cost
optimised by driving simplification in all aspects, strong
partnerships and a culture of innovation and agile working.
- Key systems owned and managed by this area include Exceed, Appian,
Blue Prism, Image, Exstream and Guidewire.
- Provide dedicated support and security related technical expertise
to enable platform leads to deliver safe and secure platform
services to our business and its customers.
- Ensure IT Platforms develop, build and operate secure applications
and install secure IT and business infrastructure.
- IT Platforms in achieving its objectives and to mitigate any risks
through the adoption of industry best practice via policy, effective
risk management, assurance and training.
- Articulate and drive clear and unambiguous security technical
solutions in response to ever changing threats, both with the run
and change aspects of the platform area.
- Bridge and unite the Platform and CISO organisations.
Key aspects of the role:
- Enabling the platform lead to securely own technical assets on
behalf of CIO and ensuring their long term integrity.
- Engage with key stakeholders to actively support and coordinate
secure technical and non technical platform deliveries.
- Ensuring all Changes adhere to BP Controls and IT standards.
- Working to the UK policies and standards set by the UK CISO team
and industry best practice to ensure the security aspects of the
Platforms area are implemented and managed in an effective and
appropriate manner via the proactive and reactive engagement in
change and run initiatives.
- Promote the processes and standards set by the Global & UK
CISO teams to ensure all Platform initiatives, projects and programs
are secure by design and well managed and that a sustainable control
environment is embedded.
- Develop strong relationships with all necessary security, IT
Platform, Supplier and Business stakeholders to ensure the security
risk picture is well understood and managed effectively.
- Develop firm understanding of local business plans, products and objectives.
- Establish and embed appropriate processes to ensure that adequate
security assurance is undertaken in relations to the change initiatives.
- Take an active lead to evangelisation of security concepts and
promote secure design across the Platform organisation.
- Analysing and producing MI and insight, establishing root cause,
identifying any remedial actions to take and liaising with the
relevant team/area to get issues resolved.
Risks & Controls:
- Identify, own and manage the specific key risks and/or IT controls
and BP standards that you are identified as the owner and/or nominee
for on iCARE.
- Ensure that issues and actions associated to controls / risks are
remediated in a timely manner.
- Maintain appropriate records and ensure that controls are
sufficiently well designed and operating effectively to keep the
risks that they mitigate within Aviva's tolerance level.
- What resources is the role accountable for:
- No direct reports. Heavy reliance on matrix and influencing skills
and facilitative relationships with colleagues within team, their
assigned Market, IT Platforms, key stakeholders and the wider business.
- Will be required to build strong relationships with Global CISO as
well as within their assigned Platform area.
What are the key decisions taken:
Risk based decision making ensuring that Platform staff interpret
standards appropriately and translate into appropriate technical and
Agree upon and make decisions around the effective interpretation of
threat intelligence and its potential impact to platforms including
decisions on the most appropriate mitigating solutions and actions.
- What type of problems need to be solved:
- Ability to give high and detailed level understanding of outcomes
wanted for secure technical deliveries, and recognising
dependencies, across all Platform changes and competing demands.
- Provide solutions for deficiencies in process and operational procedures.
- Ability to apply a sophisticated level of reasoning to competing
demands on cost, time, quality and security.
- What change is the role holder responsible for?
- The role holder is accountable for ensuring that all change
delivered within the Platform area and by the platform teams are in
line with IT and BP standards.
- Proactive generation of change geared towards strengthen and
driving security based improvements both technical and non
technical, including procedural and process improvement.
Experience / Skills Required:
- Has to be fantastic at establishing strong relationships with an
excellent ability to influence and apply pragmatism where we often
meet competing demands. Ability to bust the paradoxical with level 4 thinking.
- Broad experience of security management concepts built up over a
number of years in dedicated technical and security operations and /
or management roles.
- In-depth knowledge of IS governance processes and practices,
including ISMS monitoring and control frameworks such as, ISO, ISF
and COBIT, their relationships to other frameworks and their
application within a financial services environment or other highly
- Good understanding of Secure Development Lifecycles and their
application in an agile environment.
- Good understanding of security architecture principles and processes.
- Good knowledge of IT Operations procedures and best practices.
- Excellent stakeholder management.
- Excellent influencing, negotiating and communication (written and
- Disciplined and organised mind-set.
- Actively seeks opportunities to develop knowledge and experience,
internally and externally.
Salary: £30,650 - £59,050 - dependent on skills & experience.
One of Aviva's core values is Care More, and this is brought to life
through the flexible ways we like to work. This may include working from
home some of the time, or flexible work schedules to accommodate parent
and carer responsibilities, further studies and hobbies.
We prefer all applications to be submitted online, however if you
require an alternative method of applying please contact Luke Goffin in
the Resourcing team.