Share this Job

Please be advised that our Careers site will be unavailable from November 28 at 12am ET to November 29 12am ET for scheduled system maintenance.

Title:  Information Security Analyst Advisory - Hybrid




Requisition ID: 154861

Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.


The Team

Today’s organizations' rising attack surface area means that more data requires to be monitored to gain the necessary visibility. On top of this, remote work, and fast-moving anomaly-based attacks have made automated response a huger priority. Information Security Analysts are responsible for improving the overall security posture of the organization. They evaluate, test and document security solutions and controls, and work closely with other security team members to remediate risk while ensuring the business is able to innovate. Information Security Analysts must continually adapt to stay a step ahead of cyber attackers and stay up to date on the latest methods attackers use to infiltrate computer systems. Analysts in this role are expected to consistently learn and grow. This is not a passive career opportunity, but rather one that requires a passion for security and rigor to protect the business. Information security analysts collaborate with internal and external audit and exam teams, along with technology management and business stakeholders.


Where will you work ? 

This is a Hybrid role.


The Role

Reporting to the Senior Manager (Security Research), the role contributes to the overall success of the Information Security & Control (IS&C) team by delivering specific information security research goals, in support of Scotiabank Group’s Information Security strategies and objectives.


The Security Research team performs research, analysis, assessments and Proof of Concepts which allow for educated decisions in support of information and cyber security objectives - within the context of Bank’s overall business objectives. The incumbent is expected to be capable of obtaining a solid understanding of the Bank's information technology, including operations, hardware, software, telecommunications, cryptography, biometrics etc. The Senior Information Security Analyst (Security Research) must be able to perform research evaluations to gain an understanding of very complex and new security technologies and their applicability to the Bank. This requires the ability to acquire both a broad technical knowledge, and a grasp of business and technical implications of existing and new security technologies. Minimum of 2 years of practical experience in Information Security is a pre-requisite.


Do you have the skills required for the Role?

  • Perform the research and evaluation of emerging and breakthrough security technologies through analysis, developing and updating documentation, writing and executing test cases and producing completion reports (e.g., technology briefings, white papers, functional evaluations, etc.) in line with Bank’s research and security requirements.
  • Comprehend, describe and explain complex technical subjects in a clear, understandable way to an audience ranging from technical staff to senior executives of the Bank.
  • Execute and manage PoCs, PoVs, Production or Non-production Pilots for a variety of security technologies, products and/or services (e.g., Identity & Access Management (I&AM), Cloud security, container security, Intrusion Prevention Systems (IPS), etc.), in partnership with various IS&C and across the Bank’s stakeholders.
  • Participate in security technical projects by managing projects in its entirety (project ownership) or by performing a supporting role in new and/or existing IS&C and across the Bank’s engagements.
  • Provide a high-quality service by consistently understanding our client's needs and providing security solutions that meet or exceed expectations, while at the same time ensuring that the Bank's information and systems continue to be protected.
  • Continuously acquire, consolidate and analyze information security information from various sources; maintain an awareness of existing and new security technologies and industry trends; assess the potential impact to the Bank's current and future Information Technology and Information Security initiatives and operational processes. Information Security Analyst Advisory
  • Assist with security configuration for systems and applications within the framework of Security Research projects including PoCs, PoVs, Production or Non-production Pilots, security testing, ad-hoc research, and so on.
  • Provide support in addressing audit (findings) requests to adhere to regulatory compliance.


Must Haves:

  • At least 3 years of information security or computing systems experience.
  • At least 2 years of experience with Cloud security, container security, Intrusion Detection/Prevention Systems (IDPS), authentication, Enterprise Detection & Response (ED&R), incident response, security administration, operations and end-user consoles (and related.
  • Ability to effectively communicate business risk as it relates to information security.
  • Knowledge of risk assessments that protect the business and adhere with compliance and privacy laws.
  • At least 2 years’ experience of computing platforms including Windows, OSX, Unix (Linux), networks and endpoints.
  • Understanding of vulnerability and penetration testing.
  • Experience with project management.
  • Ability to effectively communicate business risks as it relates to Information Security.
  • Good organizational and time management skills to be able to effectively multi-task in a very diverse, goal-oriented environment.


Nice to Haves:

CISSP, CISA, CISM, GIAC or other security and/or computer science related certifications is a plus.


What’s in it for You?

  • We provide you with the tools and technology needed to create beautiful customer experiences
  • We have an inclusive and collaborative working environment that encourages creativity, curiosity, and celebrates success!
  • You'll get to work with and learn from diverse industry leaders, who have hailed from top technology companies around the world.
  • We foster an environment of innovation and continuous learning.
  • We offer a competitive total rewards package, including a performance bonus, company matching programs (pension & Employee Share Ownership), generous vacation; health/medical/wellness benefits; employee banking privileges.


Location(s):  Canada : Ontario : Toronto || Canada : Ontario : Scarborough 

Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.  

At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.

Job Segment: Cloud, Testing, Information Security, Compliance, Telecom, Technology, Legal