Information Security Analyst Senior

Requisition ID: 212142

Thanks for your interest in ScotiaTech, Scotiabank's new and innovative Technology hub in Bogota.

Join a purpose driven winning team that promotes creativity and innovation in a fast-paced environment, where we’re always committed to results, in an inclusive, diverse, and high-performing culture.

 

Purpose

Security Assurance within Security Services is responsible for reviewing privileged accesses and configurations on a scheduled basis to identify areas where access and configurations have been changed without cause.

• Demonstrating security operation teams adhere to defined processes and procedures, supporting the achievement of the Bank’s information security objectives.
• Reviewing operational practices, reporting gaps, and working with the process owners to achieve resolution of any identified deficiencies.
• Identifying and managing compliance related issues, tracking of IT risks as well as other key performance indicators.

Accountabilities:

As an Information Security Analyst Senior, the role ensures the protection and integrity of Bank’s critical information and assets, the incumbent will:

• Review access to systems including Critical Information Assets (CIA).
• Validate that access was due to sanctioned and documented activities (e.g., Change Records)
• Ensure that configurations are changed with cause and appropriate documentation.
• Identify malicious activity.
• Conduct detailed, risk-based evaluations/monitoring of Information Technology (IT) controls utilizing the Bank’s information security standards and regulatory requirements
• Review reports to investigate, escalate and track control deficiencies, ensuring action items and remediation plans are vigorously tracked to closure.
• Conduct detailed, risk-based evaluations/monitoring of Information Technology (IT) controls utilizing the Bank’s information security standards and regulatory requirements
• Provide knowledgeable opinion on the above-mentioned entities’ compliance with information security standards.
• Understand how the Bank’s risk appetite and risk culture should be considered in day-to-day activities and decisions.
• Actively pursues effective and efficient operations of his/her respective areas in accordance with Scotiabank’s Values, its Code of Conduct, while ensuring the adequacy, adherence to and effectiveness of day-to-day business controls to meet obligations with respect to operational, compliance, AML/ATF/sanctions and conduct risk.
• Champions a high-performance environment and contributes to an inclusive work environment.

     Reporting Relationships (Job Titles only)

Primary Manager:

(include secondary Manager if applicable)

• Senior Manager, Security Assurance
• Team Lead, Assurance

Direct Reports:

• NA

Shared Reports (solid/dotted if applicable):

• NA

Dimensions

• The incumbent will conduct reviews of IT application and supporting IT pervasive controls.
• The incumbent will maintain documentation supporting SOX Business Processes and SOX IT Pervasive areas under direction of IS&C management and control owners.
• The incumbent receives general direction from the Senior Manager / Team lead. Day to day tasks are handled independently.
• The incumbent will maintain documentation supporting Business
• Day to day decisions regarding approaches to security and control reviews are handled independently by the incumbent using a high degree of discretion and judgment.
• The incumbent is guided by the Bank’s Information Security Policy and Standards and the requirements of Bank regulators and auditors as well as departmental procedures.

Education / Experience / Other Information (include only those that are specific to the role)

Must Have

• Spanish language is a must, especially IT/technical Spanish
• Expertise in IT key controls and risk assessment concepts.
• Strong verbal and written communication skills, especially report writing ability.
• English language skills

Nice to Have

• One or more industry certifications like CISA, etc. in a related field is preferred with 1-2 years practical experience in information technology
• Thorough knowledge of the Bank’s application and infrastructure environment.
• University degree or college diploma in a related field is preferred
• Familiarity and experience with several Bank’s application, Network and infrastructure environment including, but not limited to IBM mainframe, Windows Active directory, AS400 and DB2
• Sound knowledge of regulatory requirements.
• Advanced presentation and communication skills.

#Li-Hybrid

Location(s):  Colombia : Bogota : Bogota 

ScotiaTech is a business unit within ScotiaGBS, a Scotiabank Group company located in Bogota, Colombia. The ScotiaTech hub was created to support different technology systems and processes of the Bank. We offer an inclusive, positive work environment, and competitive benefits.

At ScotiaTech, we value the unique skills and experiences each individual brings and are committed to creating and maintaining an inclusive and accessible environment for everyone. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at ScotiaTech; however, only those candidates who are selected for an interview will be contacted.

Note: All postings in me@Scotiabank will remain live for a minimum of 5 days.