Title:  Incident Manager

Requisition ID: 258362  



We are committed to investing in our employees and helping you continue your career at ScotiaGBS
 

Purpose

In the role of Incident Manager, you’re responsible for responding to account-level threats and attacks at scale. This includes incident triage, threat-actor journey mapping, containment, remediation, and identification of root cause contributors. You regularly connect with your colleagues across Fraud Threat Management to ensure ongoing situational awareness across the team. You’re calm under pressure and draw on your years of experience and knowledge of industry best practice to inspire confidence with stakeholders across the Bank as you keep our customers and the Bank safe.

Accountabilities 

•    Respond to account-level attacks targeting any of Scotiabank’s products and digital properties in Canada. Regularly review and incorporate lessons learned.
•    Produce and provide timely incident communications for a variety of audiences in accordance with the incident management protocol, incident communication matrix, and associated playbooks to ensure awareness and appropriate levels of engagement as part of response activities.
•    Provide guidance and recommendations to your leadership, peers, and stakeholders across the team to support effective decision-making during incident response, post-incident, and prevention phases.
•    Identify systemic issues, reoccurring problems, and identified threats/vulnerabilities to our Fraud Problem Management function. Ensure these and other root cause contributors are captured within post-incident reviews.
•    Act as a SME resource to our Fraud Problem Management team to support appropriate and effective resolutions for identified problems.
•    Work to maintain and exceed established incident management KPIs including mean-time-to-detect (MTTD), mean-time-to-containment (MTTC), mean-time-to-remediation (MTTR) as measured by event type and severity.
•    Identify and recommend changes to cyber-fraud monitoring and alerts that you and your colleagues receives to ensure ongoing improvements to our early-detection efforts.
•    Provide mentorship and coaching to new members of the team to ensure adherence to our incident protocol, incident communication matrix, service-level commitments, and all associated playbooks.
•    Regularly recognize and reinforce high-quality work and behaviours of your peers and others within the Bank that contribute to the success of our mission.
•    Based on lessons learned during incident response, identify suggested changes to our comprehensive incident management playbooks outlining processes, tools, data, and technology requirements, as well as communications protocols and cross-functional interaction models with key internal partners (ex. IS&C, Crisis Management, Corporate Security, and technology). 
•    Engage with vendors supporting our team with cyber-fraud incident response and red teaming.
•    Maintain ongoing awareness of the cyber-fraud threat landscape, including through certification, continuing professional education (CPE), industry group participation, threat intelligence feeds, and direct research.
•    Deliver training within Fraud Management teams and business lines to increase their preparation for, and ability to manage potential incidents that may impact their operations and customers.
•    Understand and apply the Bank’s risk appetite and risk culture for day-to-day activities and decisions.
•    Contribute to the overall success of the Global Fraud Management function, ensuring specific individual goals, plans and initiatives are delivered in support of the team’s business strategies and objectives.  Ensures all activities conducted in accordance with Scotiabank’s values and Code of Conduct and are in compliance with governing regulation and internal policies, procedures, and standards.

Reporting Relationships 

Primary Manager:   L9 Global Head, Fraud Threat Management
Direct Reports:    L7 Manager, Incident Management (x2), L6 Incident Responder, L5 Incident Analyst

 
Dimensions

•    You are passionate about utilizing your technical knowledge to perform fraud investigations using various analytical methods.
•    You thrive in using different solutions to enhance the company’s global security monitoring and threat intelligence programs.
•    You excel in using available intrusion detection infrastructure to detect and remediates threats.
•    You enjoy investigating and reviewing suspicious activities (E.g. Phishing) reported by customers or other employees of the bank.
•    You enjoy taking part in initiatives to contribute to the strategic direction for security related technologies or other controls that need to be put in place to reduce the threat levels to the company.
•    You thrive in effectively breaking down complex technology knowledge & communicating same to non-technical people.

Education / Experience / Other Information 

•    You possess advanced communication (verbal/written/presentation) skills in English. The same in Spanish is a strong asset.
•    You have at least 1 year of hands-on experience in performing any of network security, information security, fraud investigations or any other related fields.
•    You have developed capabilities in prioritizing and completing assigned tasks in a timely manner and provide oversight and training to other less experienced team members.
•    You have a working knowledge of various network principles, cyber security concepts, investigation procedures, and adversary techniques.
•    You have a strong analytical and problem resolution skills.
•    You can demonstrated ability to conduct investigations across multiple platforms and technologies.
•    Post-secondary education.
•    Certifications (GSEC, CompTIA Security+, CCNA, CompTIA Networking+, ITIL CEH, and OSCP) are nice to have.
Liderar toda la respuesta. Recibe respuesta, monta la coordinación con dierentes equipos. Manejan 13 paises .
stake holders calls – coordinación. Experiencia en Cibersseguridad, incidentes tecnológicos, fraude. 
MUST HAVE capacidad de manejar stakeholders y toma de decisiones bajo presión. 
es un manejo de incidente. (fraude). 

Location(s):  Colombia : Bogota : Bogota 

Scotia GBS is a Scotiabank Group company located in Bogota, Colombia created to support different processes of the Bank and the development and execution of its global services strategy in 15 countries in the Americas. It is composed of 7 service units. We offer an inclusive, positive work environment, and competitive benefits.

At ScotiaGBS, we value the unique skills and experiences each individual brings to the Bank and are committed to creating and maintaining an inclusive and accessible environment for everyone. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at ScotiaGBS; however, only those candidates who are selected for an interview will be contacted.