Requisition ID: 233033
Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.

THE ROLE

As a Specialist in the Cyber Security Control & Defense team, you will be a core member of the Cyber Security organization, responsible for the design, building, and deployment of web security policies for users and applications. You are also responsible for the mentoring of junior analysts as well as representing the team in cyber security incidents and investigations.

IS THIS ROLE RIGHT FOR YOU? IN THIS ROLE, YOU WILL:

• Lead the development, tuning, maintenance and deployment of web security policies across the Bank.
• Design and implement policy changes of differing scope to support the bank’s security objectives while ensuring minimal impact to business operations.
• Support end-users by troubleshooting access issues and providing guidance on security best practices and security processes.
• Demonstrate personal accountability for assigned projects, initiatives, and daily processes, producing optimum results with minimal supervision.
• Provide technical leadership and collaborate effectively with team members and cross-functional teams to resolve incidents and improve security processes bank-wide.
• Communicate professionally and effectively to different groups and audiences within the bank, with different concerns and varying technical savviness.
• Document cases, actions, processes and procedures in a clear, concise and consistent manner; maintaining comprehensive, accurate and up-to-date records of activities, decisions, and outcomes, to ensure preservation of critical information.
• Respond promptly to reports and requests from various audit, compliance, and IT risk teams to remediate security and data-loss risks.
• Contribute continuous iterative improvements to all processes and procedures within the team’s scope, while adhering to the bank’s risk appetite and risk culture.
• Continuously learn and improve your skills to adapt and respond to emerging threats in an ever-changing threat landscape.
• You are passionate about utilizing your technical knowledge to find innovative solutions to complex problems.
• You have experience working with policy creation, implementation, and governance.
• You have strong analytical, problem-solving and troubleshooting skills.
• You enjoy working in a collaborative environment.
• You are an effective team player while being comfortable working autonomously.
• You excel in learning new technologies and implement sustainable solutions to enhance them further.
• You enjoy taking part in initiatives that contribute towards the strategic direction for security related technologies or other controls that help achieve reduce threat levels to the company.
• You thrive in effectively breaking down complex technology knowledge & communicating the same to non-technical people.
• You are comfortable supporting business operations after hours for on-call and implementation activities.
• Champions a customer focused culture to deepen client relationships and leverage broader Bank relationships, systems and knowledge.
• Understand how the Bank’s risk appetite and risk culture should be considered in day-to-day activities and decisions.
• Actively pursues effective and efficient operations of their respective areas in accordance with Scotiabank’s Values, its Code of Conduct and the Global Sales Principles, while ensuring the adequacy, adherence to and effectiveness of day-to-day business controls to meet obligations with respect to operational, compliance, AML/ATF/sanctions and conduct risk.
• Champions a high-performance environment and contributes to an inclusive work environment.

DO YOU HAVE THE SKILLS THAT WILL ENABLE YOU TO SUCCEED IN THIS ROLE? WE’D LOVE TO WORK WITH YOU IF YOU HAVE:

• 3+ years of hands-on technical working experience in the implementation and deployment of complex or large-scale web proxy technologies in an enterprise setting.
• Post-secondary education in computer science, computer engineering or a related field.
• Strong foundational knowledge in general networking concepts and protocols such as HTTP/S, DNS, TLS, TCP, UDP, SSH.
• Proficient in log analysis and analysing packet captures with tools such as Wireshark.
• Working knowledge of SIEMs, troubleshooting command-line tools and ticketing systems.
• Hands-on technical working experience coding or scripting in programming languages such as Python, Java, JavaScript, Bash, and PowerShell.
• Experience with Windows and Linux Operating Systems.
• Excellent communication (verbal/written/presentation), negotiating, and interpersonal skills with the ability to summarize material for senior management in English. The same in Spanish is a strong asset.
• Continuous Learner with a Proactive mindset and ability to stay current on evolving cyber security trends and technologies.
• Working knowledge of software development lifecycle and tools including JIRA, Bitbucket (Git), and Confluence.