Share this Job

Title:  Information Security Analyst




Requisition ID: 97547

Join the Global Community of Scotiabankers to help customers become better off.


The Application Security team has global accountability and is highly supportive of the Bank’s business, enabling execution of the Bank’s strategies, operations and services, while ensuring that appropriate security practices are adhered to. This function provides core competency in proactively detecting application code flaws and/or bugs while working with the appropriate teams in instituting appropriate controls to mitigate risks, specifically as it pertains to web application vulnerabilities and threats. This candidate will be expected to work closely with the application development groups to integrate application security processes and procedures into the software development lifecycle.  


Key Job Accountabilities

  • Recommend, design, assess, implement, deploy and maintain mobile security controls required to protect Scotiabank and its customers.
  • Responsible for developing and/or enhancing the strategies and processes to identify, analyze and communicate mobile application vulnerabilities as per the CISO Directive and published communication process flows.
  • Responsible for adherence to an established process flow that ensures development support teams, infrastructure support teams and business risk owners implement control measures that effectively mitigate or eliminate the identified risk.
  • Responsible for timely and accurate reporting of all findings to the development teams, appropriate levels of management and the business risk owner.



  • Understanding of multi-tier Web Applications, web services, related vulnerabilities and potentials threats. 
  • Must have a comprehensive understanding of the HTTP protocol, System Development Lifecycle (SDLC), and Web Programing for multi-tier web applications and web services. 
  • Must have knowledge on Java EE application, also experience with one of the following languages: .Net, Swift, or Objective C.   Experience with React, AngularJS, Node,js would be an asset.
  • Experience performing source code reviews manually or using analysis tools would be considered an asset. Example HP Fortify, IBM AppScan Source, SonaQube, BlackDuck, Sonatype, etc
  • Experience in an Agile development workshop and experience with integration tools such as Jenkins, JIRA would be an asset,
  • Must have the ability to generate reports and tailor his/her communication strategy for various levels of technical staff, executive management, and business clients.  Experience on reporting tools such as Cognos, JasperReport would be an asset. 
  • Good communication skill and good support skills for triaging and analysis of issues for all development teams


Location(s):  Canada : Ontario : Scarborough 

As Canada's International Bank, we are a diverse and global team. We speak more than 100 languages with backgrounds from more than 120 countries. Our employees are committed to a superior customer experience and use the Bank’s six guiding sales practice principles to ensure they act with honesty and integrity.

At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.

Job Segment: Information Security, Bank, Banking, Developer, Security, Technology, Finance