Information Security Advisor

Requisition ID: 227418

Thanks for your interest in ScotiaTech, Scotiabank's new and innovative Technology hub in Bogota.

Join a purpose driven winning team that promotes creativity and innovation in a fast-paced environment, where we’re always committed to results, in an inclusive, diverse, and high-performing culture.

 

Purpose

The Global Identity & Access Management (GIAM), Governance Team is responsible for the governance of established security controls pertaining to Identity and Access management. The Enterprise Access Governance (EAG) team helps ensures Scotia’s information security controls are in place and operating effectively to reduce risks to the Bank.

As an Information Security Advisor within the Enterprise Access Governance (EAG) Team you will be responsible for supporting the achievement of the Bank’s information security objectives of integrity, privacy, and continuity by ensuring Logical Access is effectively governed for the Enterprise. You will govern oversight over access management through recertification controls, privileged access and toxic combinations controls and processes for enterprise applications and platforms. You will also be responsible to carry out day-to-day operational tasks in support of Identity and Access Management through design, development, and implementation of various reports, which can be leveraged to identify and remediate access as required.

Accountabilities

• Enjoy working in a positive environment with highly motivated individuals that want to reduce the risks within the bank
• Champions a customer focused culture to deepen client relationships and leverage broader Bank relationships, systems and knowledge.
• Assist Senior Manager to make decisions based on research, consultation with experts and experience, and considers the impact of decisions on self, group, customers, and the Bank.
• Gather evidence and respond to various audit, compliance, and IT risk teams to remediate risk-related issues
• Identify, maintain & remediate orphan IDs in LAM on an ongoing BAU basis by working with various application teams and providing required guidance and remediation plan.
• Ask open questions to advance the team’s thinking. Encourages others to explore new ideas and ways of looking at things.
• Look for continuous improvements to maximize automation where possible and reduce manual efforts in all processes and procedures within the team, while considering and evaluating the bank’s risk appetite and risk culture.
• Create and contribute to specific analytics and reporting goals, in support of the overall success of Global Identity and Access Management (GIAM) business strategies
• Excel in relationship building (internal / external GIAM) and work with various teams to assist in completion of all certifications across the enterprise
• Brings external developments, trends, and best practices (outside-in thinking) to the Bank
• Champions a customer focused culture to deepen client relationships and leverage broader Bank relationships, systems and knowledge.
• Perform required tasks for access governance functions; tasks relevant to Identity & Access Governance including access request, access certification, communication, and documentation of operational processes and procedures, etc.
• Managing and/or conducting detailed, risk-based evaluations of the design and operating effectiveness of Information Technology (IT) controls
• Assist/train junior staff on difficult or non-standard requests
• Demonstrate personal accountability for assigned projects, initiatives, and daily processes.

Education / Experience / Other Information (include only those that are specific to the role)

• Experienced in Bank’s core systems and technology:
  • ServiceNow 4+ yrs
  • SailPoint 3-5+ yrs
  • Power BI 2-3 yrs
  • CyberArk 3-5 yrs
  • Active Directory 5 + yrs
• Experience in conducting SailPoint IIQ and SIQ Certifications (Manager & Role Owner)
• Post-secondary education in IT or Security related field
• Strong analytical skills, specifically data analysis
• Excellent organizational skills and the ability to manage multiple intake channels efficiently
• Competent to work on complex projects independently with minimal supervision
• Experience with addressing audit inquiries and providing audit artifacts
• Strong working knowledge of information security policies and standards
• Once settled in position, occasional after-hours support may be required on rotational basis
• Technical designation is considered an asset (i.e.: CompTIA Security+, CISSP)
• Advanced communication (verbal/written/presentation) skills in English. The same in Spanish is a strong asset.

#Li-Hybrid
#COLGBS

Location(s):  Colombia : Bogota : Bogota

ScotiaTech is a business unit within ScotiaGBS, a Scotiabank Group company located in Bogota, Colombia. The ScotiaTech hub was created to support different technology systems and processes of the Bank. We offer an inclusive, positive work environment, and competitive benefits.

At ScotiaTech, we value the unique skills and experiences each individual brings and are committed to creating and maintaining an inclusive and accessible environment for everyone. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at ScotiaTech; however, only those candidates who are selected for an interview will be contacted.