Requisition ID: 233462
Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.
The Cloud Security Engineer, Cloud and Application Platform Engineering will be responsible for providing technical leadership within a diverse team of cloud security engineers, leveraging industry leading secure SDLC processes to support application security tools and infrastructure mandated by Cloud and Application Security in their mission of protecting the bank and its customers from external threats.
Contributes to the overall success of the Cloud and Application Security Engineering team in Canada ensuring specific individual goals, plans, initiatives are executed / delivered in support of the team’s business strategies and objectives. Ensures all activities conducted are following governing regulations, internal policies and procedures.

IS THIS ROLE RIGHT FOR YOU? IN THIS ROLE YOU WILL:

• Collaborate in a team environment spanning multiple geographies to execute on support and project tasks and initiatives.
• Perform various DevSecOps activities supporting tools and infrastructure spanning on-premises, private cloud, SaaS, PaaS, and public cloud environments supporting the bank’s secure SDLC processes – expanding support levels towards a targeted 24/7 support model.
• Work with vendors and technology teams to maintain security compliance and software currency within our tools, platforms, and infrastructure.
• Working from requirements, assist in planning, analysis, design, development, testing, and implementing solutions supporting security at the bank.
• Develop and support operations for tools developed by Security Engineering teams and transition to Day 2 operations.
• Reporting to management on the status of the system of internal controls with recommendations for remediation of risks.
• Understand how the Bank’s risk appetite and risk culture should be considered in day-to-day activities and decisions.
• Actively pursues effective and efficient operations of his/her respective areas in accordance with Scotiabank’s Values, its Code of Conduct, and the Global Sales Principles, while ensuring the adequacy, adherence to, and effectiveness of day-to-day business controls to meet obligations with respect to operational, compliance, AML/ATF/sanctions and conduct risk.
• Champions a high-performance environment and contributes to an inclusive work environment.

DO YOU HAVE THE SKILLS THAT WILL ENABLE YOU TO SUCCEED IN THIS ROLE?

• 3+ years experience working within a DevSecOps support or project team utilizing Agile, DevSecOps, and other secure SDLC methodologies
• Hands-on experience with system administration and DevSecOps support of Linux, Windows, SQL Server, PostgreSQL, and other vendor software.
• Software and system architecture and technical documentation experience is an asset
• Excellent organization, time management, problem-solving, and analytical skills
• Experience with legacy technologies (standalone servers and databases, Windows, Linux, SQL Server, PostgreSQL) as well as modern technology stacks (on-prem, PaaS, SaaS, public cloud, GCP, GKE, GSCCE, GAR, Cloud SQL, Azure, APIGEE)
• Experience working with and troubleshooting development pipelines (BB, TFS, GH, Jenkins) as asset
• Experience developing automation scripts with Python, PowerShell, AWK, and more an asset.
• Basic knowledge and understanding of security capabilities (SCA, SAST, DAST, MAST, CNAPP, APISec, Posture Management)
• Basic knowledge and understanding of coding best practices in various languages (C#, .NET, Java) and the importance of environment configuration, artifact dependencies, and secure supply chain management