Director Security Incident Management & Response

Requisition ID: 212647

Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.

Reporting to the Global Head of Cyberoperations Monitoring & Response, the Director of Cybersecurity Incident Management & Response is responsible for managing a team of professionals that oversee cyber security incident response practices throughout Scotiabank globally.  The Director of Cybersecurity Incident Management & Response governs the adherence to enterprise frameworks for executing cyber security incident response plans including root case investigation, threat containment and remediation activities.  The Director of Cybersecurity Incident Management & Response effectively collaborates with key stakeholders globally to develop, implement, and integrate cyber security incident response capabilities throughout the Bank.

Is this role right for you? In this Role, you will:

• Leads and drives a customer focused culture throughout their team to deepen client relationships and leverage broader Bank relationships, systems and knowledge.
• Understand how the Bank’s risk appetite and risk culture should be considered in day-to-day activities and decisions.
• Creates an environment in which his/her team pursues effective and efficient operations of his/her respective areas, while ensuring the adequacy, adherence to and effectiveness of day-to-day business controls to meet obligations with respect to operational risk, regulatory compliance risk, AML/ATF risk and conduct risk, including but not limited to responsibilities under the Operational Risk Management Framework, Regulatory Compliance Risk Management Framework, AML/ATF Global Handbook and the Guidelines for Business Conduct.
• Builds a high-performance environment and implements a people strategy that attracts, retains, develops, and motivates their team by fostering an inclusive work environment and using a coaching mindset and behaviors; communicating vison/values/business strategy; managing succession and development planning for the team.
• Provide advisory services to enhance Information and Cyber Security engagements.
• Translate complex technical problems into terms and processes that support the functional goals, strategic initiatives, and business alignment of a dynamic growth company.
• Continue to improve processes including feedback to areas under review regarding control issues.

• Manage and facilitate the execution of the Bank’s enterprise cyber security incident management plan (e.g. CIRT) and associated playbooks.
• Manage the creation, publication, and maintenance of technical documentation for responding to cyber security incidents globally.
• Oversee the onboarding of cyber security monitoring capabilities including approving use case development, facilitating control tuning, participating in simulation and training exercises, and providing cross-functional training.
• Coordinate with internal and external stakeholders and partners to maintain strategic relationships for delivery of enterprise operational services.
• Ensure that proper chain of custody is maintained and that all evidence management techniques and methods are executed in a forensically sound manner consistent with proven industry standards.

Do you have the skills that will enable you to succeed in this role?

• High level of customer service and communication required with clients globally; including C-Suite, internal and external Legal Counsels, Regulators, and Law Enforcement
• Strong approach to critical thinking, analytics, problem solving, creativity & detail oriented.
• Must be able to work extremely well under pressure while maintaining a high level of professionalism is critical.
• Proficiency in technical writing & communication for a business audience in English.
• Experience conducting incident response and technical investigations on various operating systems using industry standards incident response and security technologies (e.g. endpoint protection, data loss prevention, security information and event management, digital forensics).
• Key technical expertise in subject areas including, but not limited to: information and cyber security, networking and routing, data management, data privacy laws and regulations
• Working knowledge of protocols, technologies, and environments including but are not limited to: TCP/IP, SQL, Windows Server, Linux, Unix, IIS & STB client technologies
• Excellent communication skills: Ability to clearly articulate and visually present complex technical information and analysis results into concise business reports for the intended audience; communicating and explaining effectively incident response findings in layman’s terms
• Ability to work both independently, within a team, and the ability to gain the trust of legal and business stakeholders to achieve a desired objective
• +6 years of current and working knowledge in all aspects of incident response, information or cyber security, or related field; or a Bachelor's degree in an approved field from an accredited university and a minimum of +10 years of documented and relevant experience.
• Professional certifications and membership of associations in the field of information/cyber security and digital forensics is desired (ex. Global Information Assurance Certification (GIAC), Certified Information Systems Security Professional (CISSP))

Location(s):  Canada : Ontario : Toronto 

Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.  

At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.