Cybersecurity Specialist

  Requisition ID: 221574

Thanks for your interest in ScotiaTech, Scotiabank's new and innovative Technology hub in Bogota.

Join a purpose driven winning team that promotes creativity and innovation in a fast-paced environment, where we’re always committed to results, in an inclusive, diverse, and high-performing culture.

Purpose

Contributes to the overall success of Information Security & Control (IS&C)-Advisory Services ensuring specific individual goals, plans, initiatives are executed / delivered in support of the team’s business strategies and objectives.  Ensures all activities conducted are in compliance with governing regulations, internal policies and procedures.

Accountabilities

• Champions a customer focused culture to deepen client relationships and leverage broader Bank relationships, systems and knowledge.
• Establish and maintain a detailed understanding of Scotiabank’s Third Party Risk Management (TPRM), Threat Risk Assessment (TRA), New Iniciatives Risk Assessments (NIRA) practices and priorities.  Specifically, as it relates to Information Security. 
• Be an advocate for IS&C, building strong relationships and raising awareness for the importance of effective information security practices in our supply chain.
• Perform comprehensive risk assessments for bank initiatives and projects, identifying potential security threats and vulnerabilities.
• Ensure all risk assessments and security measures comply with the established standards and policies of the group. Propose effective risk mitigation strategies to address identified security risks.
• Work closely with project teams, IT departments, and other stakeholders to integrate security measures into project plans.
• Understand how the Bank’s risk appetite and risk culture should be considered in day-to-day activities and decisions.
• Continuously monitor risk levels and provide regular reports to senior management on the status of risk assessments and mitigation efforts.
• Support the Incident Management and Investigation processes.
• Understand how the Bank’s risk appetite and risk culture should be incorporate into in day-to-day activities and decisions.
• Actively pursues effective and efficient operations of his/her respective areas in accordance with Scotiabank’s Values, its Code of Conduct and the Global Sales Principles, while ensuring the adequacy, adherence to and effectiveness of day-to-day business controls to meet obligations with respect to operational, compliance, AML/ATF/sanctions and conduct risk.
• Champions a high-performance environment and contributes to an inclusive work environment.

Dimensions

• Relationship with all the employees of Scotiabank Uruguay, Scotiatech and the Bank.
• Information Security Standards and frameworks (ISO27001, NIST CSF, PCI-DSS)
• Enterprise Risk Management
• Technology (Infrastructure, Cloud, Networking, Datacenter)
• Application Security.

Education / Experience / Other Information

• At least 4 years of experience in Information Security and Cybersecurity.
• Must have a solid understanding and experience with security controls/mechanisms/Protocols and threat/risk assessment techniques pertaining to complex data, application and network environments.
• Must have strong verbal and written communication skills in English with excellent individual project management and tracking skills. Spanish verbal skill is strongly desired.
• Must have knowledge of regulatory guidelines related to the financial services industry.
• Must have strong knowledge of industry standards/frameworks related to Information Security (ISO27001/27002, NIST, PCI-DSS, GDPR, among others).
• Certifications related to security are considered an asset (e.g., CISSP, CISM, CRISC, CCSP, ISO27001).
• Analytical experience, attention to detail, excellent critical thinking, logic, and ability to solve problems
• Excellent relationship management and negotiation skills to assist in the communication and finalization of the Bank's security requirements, contractual obligations and standards to internal teams and third party relationships
• Bilingual English/Spanish language skills (B2 English level)

Working Conditions

Work in a standard office-based environment; non-standard hours are a common occurrence.

#LI-Hybrid

Location(s): Bogotá or Home-Office

ScotiaTech is a business unit within ScotiaGBS, a Scotiabank Group company located in Bogota, Colombia. The ScotiaTech hub was created to support different technology systems and processes of the Bank. We offer an inclusive, positive work environment, and competitive benefits.

At ScotiaTech, we value the unique skills and experiences each individual brings and are committed to creating and maintaining an inclusive and accessible environment for everyone. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at ScotiaTech; however, only those candidates who are selected for an interview will be contacted.

Note: All postings in me@Scotiabank will remain live for a minimum of 5 days.