Share this Job

Please be advised that our Careers site will be unavailable from November 28 at 12am ET to November 29 12am ET for scheduled system maintenance.

Title:  Specialist, Incident Response Specialist

Requisition ID: 167063

Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.

The Team

As part of the Scotiabank’s Cyber Security Operations Centre (CSOC), Global Incident Response is responsible for protecting Scotiabank’s assets and networks globally through the Security Operation Center (SOC). This involves 24/7 security monitoring and response of the company’s information processed through joint venture / strategic alliances and third-party arrangements; ensuring that customer information continues to be protected as expected.

The role:

As an Information Security Advisor will work to protect Scotiabank’s assets and networks globally through the Security Operation Center (SOC) while also being a technical leader within the SOC. Reporting to the Senior Manager of the SOC, the Global Incident Response Advisor will respond to security events generated by the Security Information & Event Monitoring (SIEM) platform as well as events as reported by employees, customers, and discovered through Threat Intelligence.

Is this role right for you?

  • You are passionate about utilizing your technical knowledge to perform cybersecurity investigations using various analytical methods.
  • You are passionate about coaching and guiding less experienced cybersecurity professionals.
  • You thrive in using different solutions to enhance the company’s global security monitoring and threat intelligence programs.
  • You excel in using available intrusion detection infrastructure to detect and remediates threats.
  • You enjoy investigating and reviewing suspicious activities (e.g. Phishing) reported by customers or other employees of the bank.
  • You enjoy taking part in initiatives to contribute to the strategic direction for security related technologies or other controls that need to be put in place to reduce the threat levels to the company.
  • You thrive in effectively breaking down complex technology knowledge & communicating same to non-technical people.



Do you have the skills that will enable you to succeed in this role?

  • A minimum of 4 years’ experience in conducting cyber security investigations leveraging information systems, operating systems, and security tools.
  • A minimum of 4 years’ experience in log analysis, malware analysis, host, and network device analysis.
  • You have developed capabilities in prioritizing and completing assigned tasks in a timely manner and provide oversight and training to other less experienced team members.
  • You have a working knowledge of various network principles, cyber security concepts, cloud platform and security, investigation procedures and adversary techniques.
  • You have a strong analytical and problem resolution skills.
  • You are able to work with management and senior leads to deliver on monitoring improvements and capabilities.
  • Lead High Priority Investigations - HPI and provided response recommendation during incidents; on top of standard investigations and follow-ups.
  • You possess advanced communication (verbal/written/presentation) skills in English. The same in Spanish is a strong asset.
  • An asset to have any of the certifications (CISSP, DFIR, GSEC, CompTIA Security+, CCNA, CompTIA Networking+, ITIL CEH, and OSCP).


What's in it for you?

  • We provide you with the tools and technology needed to create beautiful customer experiences
  • We have an inclusive and collaborative working environment that encourages creativity, curiosity, and celebrates success!
  • You'll get to work with and learn from diverse industry leaders, who have hailed from top technology companies around the world.
  • We foster an environment of innovation and continuous learning.

We offer a competitive total rewards package, including a performance bonus, company matching programs (pension & Employee Share Ownership), generous vacation; health/medical/wellness benefits; employee banking privileges.



Location(s):  Canada : Ontario : Toronto 

Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.  

At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.

Note: All postings in me@Scotiabank will remain live for a minimum of 5 days.

Job Segment: Cyber Security, Technical Support, Information Security, Information Systems, Investment Banking, Security, Technology, Finance