Title: Senior Analyst, Security Assurance
Requisition ID: 232332
Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.
Purpose
Security Assurance team within Security Risk Governance is responsible for reviewing privileged accesses and configurations on a scheduled basis to identify areas where access and configurations have been changed without cause. Demonstrating security operation teams adhere to defined processes and procedures, supporting the achievement of the Bank’s information security objectives. Reviewing operational practices, reporting gaps, and working with the process owners to achieve resolution of any identified deficiencies. Identifying and managing compliance related issues, tracking of IT risks as well as other key performance indicators.
Is this role right for you?
- You have a passion for security compliance and risk, researching, implementing and maintaining effective security controls.
- You are a self-starter with skills in communication and analytical thinking, who can review large amounts of unstructured data and critically interpret findings.
- You have an interest to review various alerts and risk ratings for critical information and security sensitive or high-risk events.
- You understand how the Bank’s risk appetite and risk culture should be considered in day-to-day activities and decisions.
- You want to collaborate with the business, along with the technical and operational groups across the Bank to ensure alignment of technical solutions to the business strategy
- The incumbent will conduct reviews of IT application and supporting IT pervasive controls.
- The incumbent will maintain documentation supporting SOX Business Processes and SOX IT Pervasive areas under direction of IS&C management and control owners.
- The incumbent receives general direction from the Senior Manager / Team lead. Day to day tasks are handled independently.
- The incumbent will maintain documentation supporting Business
- Day to day decisions regarding approaches to security and control reviews are handled independently by the incumbent using a high degree of discretion and judgment.
- The incumbent is guided by the Bank’s Information Security Policy and Standards and the requirements of Bank regulators and auditors as well as departmental procedures.
Do you have the skills that will enable you to succeed in this role? We’d love to work with you if you have:
- You have familiarity and experience with several banking applications and infrastructure environment including, but not limited to, firewalls and network security.
- You have working knowledge within key IT controls and risk assessment concepts
- Experience with operational/security risks, threats & potential exposures and potential security breach situations.
- Knowledge of audit practices and methodologies.
- Industry certifications (i.e. CCNA, CISA, CRISC, etc.) would be an asset(s)
- You have strong communication (verbal/written) and good interpersonal skills to build relationships with internal and external customers.
- Expertise in IT key controls and risk assessment concepts.
- Strong verbal and written communication skills, especially report writing ability.
- Nice to Have: One or more industry certifications like CISA, etc. in a related field is preferred with 1-2 years practical experience in information technology
- Nice to Have: Thorough knowledge of the Bank’s application and infrastructure environment.
- Nice to Have: University degree or college diploma in a related field is preferred
- Nice to Have: Familiarity and experience with several Bank’s application, Network and infrastructure environment including, but not limited to IBM mainframe, Windows Active directory, AS400 and DB2
- Nice to Have: Sound knowledge of regulatory requirements.
- Nice to Have: Advanced presentation and communication skills.
What's in it for you?
- Diversity, Equity, Inclusion & Allyship - We strive to create an inclusive culture where every employee is empowered to reach their fullest potential, respected for who they are, and are embraced through bias-free practices and inclusive values across Scotiabank. We embrace diversity and provide opportunities for all employee to learn, grow & participate through our various Employee Resource Groups (ERGs) that span across diverse gender identities, ethnicity, race, age, ability & veterans.
- Accessibility and Workplace Accommodations - We value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. Scotiabank continues to locate, remove and prevent barriers so that we can build a diverse and inclusive environment while meeting accessibility requirements.
- Upskilling through online courses, cross-functional development opportunities, and tuition assistance.
- Competitive Rewards program including bonus, flexible vacation, personal, sick days and benefits will start on day one.
- Dynamic Ecosystem - Free tea & coffee, universal washrooms, and lots of space for team collaboration.
- Community Engagement - No matter where you choose to work from; we offer opportunities for community engagement & belonging with our various programs.
Location(s): Canada : Ontario : Scarborough
Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.
At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.
Job Segment:
Information Security, Compliance, Corporate Security, Investment Banking, Network Security, Technology, Legal, Security, Finance