Please be advised that our Careers site will be unavailable from November 28 at 12am ET to November 29 12am ET for scheduled system maintenance.

Title:  Lead, Cyber Technology Assessment & Effectiveness




Requisition ID: 195297

Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.


Reporting to the Senior Manager, Cyber Technology Assessment & Effectiveness, the Lead, Cyber Technology Assessment & Effectiveness will work as part of Cyber Automation & Defense (CAD) team and will be responsible for helping identify security exposures in the organization and developing appropriate compensating controls. The Lead will be required to work with other technology and security teams to develop security content and implement controls needed to close exposures. The intent of the security content is to create the ability to detect and alert for security events.


Is this role right for you?

  • You thrive in a fast-paced environment coordinating multiple issues and threats that can be occurring simultaneously
  • You love to learn about new threats that can impact both the organization and its customers
  • You are adept at problem solving, collaborating across the organization to solve complex problems
  • You love to communicate, and thrive on communicating clear, accurate statues on issues, problems, and projects
  • You want to be leading complex projects providing security advice to ensure information security risk are mitigated.
  • You thrive in solutioning for multiple security domains (Security Management, Security Engineering, Identity and Access Management, etc.).
  • Working on different types of projects (from large complex to simple) is a part of your DNA.
  • You love to collaborate with various business lines, IT support functions and IS&C (Information Security and Control) Control functions.


Do you have the skills that will enable you to succeed in this role?


  • You possess advanced communication (verbal/written/presentation) skills in English. The same in Spanish is a strong asset.
  • Minimum 8 years' experience building security content to detect security events based on MITRE Framework.
  • Minimum 8 years hands-on technical experience with security controls/mechanisms.
  • Experience building security content for endpoint and cloud solutions.
  • Experience building XDR content, securing databases/AIX/Unix/Linux/Mac.
  • Hands on experience building and running a TTP (Tactics, Techniques, and Procedures) framework methodology for pattern and behaviour-based content development
  • Experience involving red team (Vulnerability Assessments, Web app assessments), consulting (Compliance, policy creation), SOC (Security Operations Centre) and Device Management
  • Experience in Google Security Command Centre and Microsoft Defender
  • Experience in Web gateway security and email gateway security
  • Experience with building security program to defend against Advanced Persistent Threat (APT)
  • Experience with sizing, deploying, maintaining, and hardening SIEM (Security Information and Event Management) and NGFW solutions.
  • Experience in Data discovery and DLP (Data Loss Prevention) use cases development is an asset
  • Experience with industry leading productivity tools to produce quantitative/qualitative reports, data flow diagrams & visual presentations
  • Post-secondary education in Computer Science or in a related field.
  • Certifications (CISSP, CISM, CCSP, CRISC) are assets


What’s in it for you?

  • Diversity, Equity, Inclusion & Allyship - We strive to create an inclusive culture where every employee is empowered to reach their fullest potential, respected for who they are, and are embraced through bias-free practices and inclusive values across Scotiabank. We embrace diversity and provide opportunities for all employee to learn, grow & participate through our various Employee Resource Groups (ERGs) that span across diverse gender identities, ethnicity, race, age, ability & veterans. 
  • Accessibility and Workplace Accommodations - We value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. Scotiabank continues to locate, remove and prevent barriers so that we can build a diverse and inclusive environment while meeting accessibility requirements.   
  • Upskilling through online courses, cross-functional development opportunities, and tuition assistance.   
  • Competitive Rewards program including bonus, flexible vacation, personal, sick days and benefits will start on day one. 
  • Dynamic Ecosystem - Free tea & coffee, universal washrooms, and lots of space for team collaboration. 

#Cyberatscotia #LI-Hybrid 


Location(s):  Canada : Ontario : Toronto 

Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.  

At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.

Job Segment: Information Security, Cyber Security, Computer Science, Investment Banking, Loss Prevention, Technology, Security, Finance