Share this Job

Please be advised that our Careers site will be unavailable from November 28 at 12am ET to November 29 12am ET for scheduled system maintenance.

Title:  Information Security Cloud Director




Requisition ID: 153894

Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.


The Director, Cloud Security Engineering will lead Security Patterns & Policy as Code development in partnership with IS&C teams to accelerate the build of global security services, advance engineering capabilities, and work with global technology and business partners to lead foundational and transformational security strategically across the enterprise.


Lead Security-as-Code Governance and Development

  • Establish reusable secure cloud patterns based on threats in alignment with policies, standads and procedures in a way that can be automated and measured.
  • Lead a team of core security domains in defining and codifying policies in Cloud Security Tools (ie Sonrai and AquaSec).
  • Collaborate with other Policy owners (eg GTS, SD) to implement and provide assurance of Policy as Code Solutions (eg Terraform, Kubernetes).


Partner with Engineering and Business Channels, teams to deliver end-to-end secure patterns

  • Establish strong partnerships with architecture, solution engineering and services team communities to build and maintaining practical pattern blueprints with Cloud first focus.
  • Refactor policies and standards and ensure focus on the right controls.
  • Facilitate, influence, and govern to institute and communicate best practices defined through security engineering patterns, designs, and implementation blueprints.


Partner with IT Audit, Enterprise & Security Architecture, and other cross-function teams

  • Contribute security integration to building of Enterprise Technologies and more specifically, security strategies, roadmaps as it applies to practical patterns and blueprints.
  • Ensure alignment between Architecture roadmaps and Engineering designs.
  • Partner with enterprise data enablement and architecture teams on global data retention strategy.


Support Major Bank Initiatives by contributions Security to support technical design

  • Operate a resourcing model to provide consulting services in support of building security into the design and implementation of bank initiatives.
  • Support Enterprise Architecture review boards on engineering input to ensure enterprise decisions incorporate practical security. 
  • Participate as the security subject matter expert (e.g. Cloud, Security Tools decisions).


People Leader

  • Lead a dynamic team of security experts with consultant SMEs depending on project needs.
  • Participate with Enterprise Architectural review boards ensuring that security incorporates security integration in enterprise decisions.
  • Drive cross-functional conversations, influence, and create alignment on security embedded solutions.





  • Advance Cloud capability and adoption through a COE (Center of Excellence) standardizing measurable embedded security engineering patterns through Blueprints, Designs and Architecture Patterns, and governance.
  • Identify and grow domain of Security-as-Code to govern (and institutionalize) or ownership (if appropriate to IS&C) across the enterprise (eg tools, platforms and pipelines).
  • Build and implement a vision of automated Security-as-Code and advancing the banks Cloud capabilities with continuous compliance.
  • Support critical Bank initiatives from the overall security architecture relevant to and consistent with the objectives of the Technology Blueprint by promoting the Bank’s security/technology architectures.
  • Lead and drives a customer focused, practical and secure, culture to deepen client relationships and leverage broader Bank relationships, systems, and knowledge.
  • Create strong partnership with peers, technology leads and leaders across IS&C, IT&S, and IT Audit.



  • University degree, preferably in Computer Engineering, Computer Science or related field, and a minimum of 7 years’ experience in Information Security leadership roles, with at least 5 years in Cloud and OnPrem Engineering function in a complex, global organization. 3 years with experience building and running enterprise class systems. Financial services and, specifically, banking experience is highly desired.
  • Understanding of architecture frameworks such as COBIT, NIST, CSA’s TCI, TOGAF ect.. and knowledge of CI/CD, DevOps and agile+traditional methodologies.
  • Detailed knowledge of, and experience working leading implementation and supporting Enterprise Cloud products and services. Strong Information Security, people and development management experience.
  • Demonstrated ability to lead technical teams in a highly complex and matrixed organization. Ability to lead through influence, excellence and example is essential to success.
  • Strong leadership and collaboration skills. Excellent oral and written communication, ability to present confidently to senior executives, attention to detail and strong planning and management ability.
  • The incumbent must be a very strong leader, with demonstrated ability to lead technical teams and build and maintain credibility with technical and non-technical stakeholders, alike. Deep knowledge of relevant technologies must be combined with the ability to lead highly technical teams, strong business acumen and excellent communication and listening skills.
  • The incumbent should have experience as a key technical partner in global technology transformation efforts, demonstrating the ability to inspire and align diverse technologists, drive efficient and effective decision-making, and to deliver and support a robust information security governance framework.
  • Deep and broad knowledge of enterprise, cloud, and security technologies is expected.
  • Experience with Workload Protection and Posture Management products an asset.
  • The incumbent should have experience delivering excellent results in a large, complex, and global environment with a mix of emerging, current, and legacy technology.
  • Familiarity and direct experience with outsourcing delivery models is essential, and experience with successful repatriation of services is highly desired.
  • Experience with and knowledge of formal project management methodologies is desired.
  • English fluency required, Spanish ability a plus.



Location(s):  Canada : Ontario : Toronto 

Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.  

At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.