Lead, Cyber Technology Assessment & Effectiveness
Toronto, ON, CA, M1K5L1
Scotiabank
Requisition ID: 195297
Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.
Reporting to the Senior Manager, Cyber Technology Assessment & Effectiveness, the Lead, Cyber Technology Assessment & Effectiveness will work as part of Cyber Automation & Defense (CAD) team and will be responsible for helping identify security exposures in the organization and developing appropriate compensating controls. The Lead will be required to work with other technology and security teams to develop security content and implement controls needed to close exposures. The intent of the security content is to create the ability to detect and alert for security events.
Is this role right for you?
- You thrive in a fast-paced environment coordinating multiple issues and threats that can be occurring simultaneously
- You love to learn about new threats that can impact both the organization and its customers
- You are adept at problem solving, collaborating across the organization to solve complex problems
- You love to communicate, and thrive on communicating clear, accurate statues on issues, problems, and projects
- You want to be leading complex projects providing security advice to ensure information security risk are mitigated.
- You thrive in solutioning for multiple security domains (Security Management, Security Engineering, Identity and Access Management, etc.).
- Working on different types of projects (from large complex to simple) is a part of your DNA.
- You love to collaborate with various business lines, IT support functions and IS&C (Information Security and Control) Control functions.
Do you have the skills that will enable you to succeed in this role?
- You possess advanced communication (verbal/written/presentation) skills in English. The same in Spanish is a strong asset.
- Minimum 8 years' experience building security content to detect security events based on MITRE Framework.
- Minimum 8 years hands-on technical experience with security controls/mechanisms.
- Experience building security content for endpoint and cloud solutions.
- Experience building XDR content, securing databases/AIX/Unix/Linux/Mac.
- Hands on experience building and running a TTP (Tactics, Techniques, and Procedures) framework methodology for pattern and behaviour-based content development
- Experience involving red team (Vulnerability Assessments, Web app assessments), consulting (Compliance, policy creation), SOC (Security Operations Centre) and Device Management
- Experience in Google Security Command Centre and Microsoft Defender
- Experience in Web gateway security and email gateway security
- Experience with building security program to defend against Advanced Persistent Threat (APT)
- Experience with sizing, deploying, maintaining, and hardening SIEM (Security Information and Event Management) and NGFW solutions.
- Experience in Data discovery and DLP (Data Loss Prevention) use cases development is an asset
- Experience with industry leading productivity tools to produce quantitative/qualitative reports, data flow diagrams & visual presentations
- Post-secondary education in Computer Science or in a related field.
- Certifications (CISSP, CISM, CCSP, CRISC) are assets
What’s in it for you?
- Diversity, Equity, Inclusion & Allyship - We strive to create an inclusive culture where every employee is empowered to reach their fullest potential, respected for who they are, and are embraced through bias-free practices and inclusive values across Scotiabank. We embrace diversity and provide opportunities for all employee to learn, grow & participate through our various Employee Resource Groups (ERGs) that span across diverse gender identities, ethnicity, race, age, ability & veterans.
- Accessibility and Workplace Accommodations - We value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. Scotiabank continues to locate, remove and prevent barriers so that we can build a diverse and inclusive environment while meeting accessibility requirements.
- Upskilling through online courses, cross-functional development opportunities, and tuition assistance.
- Competitive Rewards program including bonus, flexible vacation, personal, sick days and benefits will start on day one.
- Dynamic Ecosystem - Free tea & coffee, universal washrooms, and lots of space for team collaboration.
#Cyberatscotia #LI-Hybrid
Location(s): Canada : Ontario : Toronto
Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.
At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: APT Automation Banking C CCSP CISM CISSP Cloud Compliance Computer Science CRISC IAM Linux NGFW Red team SIEM SOC UNIX XDR
Perks/benefits: Career development Flex hours Flex vacation Salary bonus Startup environment Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs