Senior Lead, Cloud Security Application Solutions

Requisition ID: 231426

Join a purpose driven winning team committed to results in an inclusive and high-performing culture.

The Team:

Scotiabanks Cloud Security Advisory Services team is responsible for providing advisory services to business lines subsidiaries and affiliates enabling the achievement of the Banks Information Security as it continues to move to the Public Cloud.

The Role:

The Senior Lead Cloud provides guidance to business lines to ensure design development and implementation of complex cloud projects and initiatives are in accordance with the Banks Information Security Standards and in compliance with industry this senior role you will be supporting various business lines while assisting them in making informed decisions to protect information assets deployed in Public Clouds environments.

Is this role right for you In this role you will:

• You have strong experience leading complex projects providing security advice to ensure information security risks are mitigated.
• You thrive in solutioning multiple security domains (Application Security Data Protection Cloud Security Engineering Identity and Access Management Cloud Security Architecture Network Security Risk Management etc.) and knowledgeable of Zero Trust Architecture principles.
• You have experience in solutioning security architecture for Public Clouds creating and reviewing security patterns and advising on security risks.
• You are proficient in reviewing architecture and solution design documentation and can identify and assess potential risks.
• You excel in reviewing Technical Design and Security Design documents and creating assessment documents and evaluating risks.
• You are passionate about new technologies and enjoy the challenges of implementing security controls to protect them.
• Working on different types of projects (from large complex to simple) is a part of your DNA.
• You love to collaborate with various business lines IT support functions and IS&C Control functions.
• Design and implement security controls that protect cloud-based applications and infrastructure.
• Develop and enforce security patterns policies standards and procedures to protect the integrity availability and confidentiality of the organizations cloud infrastructure
• Conduct comprehensive security assessments on large high-profile cloud initiatives implemented in GCP and Azure.
• Evaluate existing security solutions and propose enhancements or new designs to address emerging threats and business requirements.
• Ensure alignment with industry best practices compliance standards and organizational security policies.
• Identify security weaknesses vulnerabilities and gaps in existing systems and recommend remediation strategies.
• Conducting Threat Risk Assessments and performing security advisory work on specific applications and infrastructure associated with Scotiabanks Cloud Initiatives ensuring that controls are adequate meet Bank standards and enable business objectives.
• Conducting Risk Management activities.
• Provide support on how to apply the Banks portfolio of standards to the technology footprint of Scotiabanks Cloud offering.
• Provide oversight over the specific line of business security posture ensuring that all tools available to detect and remediate security risks have been applied.
• Work directly with technical leads from assigned Lines of Businesses supporting their initiatives from an Information Security perspective.
• Ensure cloud security solutions align with industry regulations and organizational compliance requirements.
• Manage the audit process for cloud security responding to compliance assessments and third-party audits.
• Stay updated with emerging trends in cloud security and propose improvements to the current security posture.
• Evaluate new cloud security controls technologies tools and processes to enhance the organizations security in cloud environments.
• Keep informed and well versed on financial industry regulations demands in different regions based on practical experience.

Do you have the skills that will enable you to succeed in this role Wed love to work with you if you have:

• Post-secondary education in Computer Science or in a related field.
• You have at least 5 years of hands-on technical work experience in performing security assessments on cloud platforms CI/CD deployment pipelines network infrastructure and complex applications. Experience with Risk Assessments of applications migrated into the Cloud Environments.
• You have at least 6 years experience in security solution architecture software development and/or hands-on experience with implementations of cloud environments security controls and cloud-based solutions.
• You are a strong communicator and capable of creating clear documentation.
• You have solid knowledge of cloud technologies and cloud security (GCP or Azure or AWS Kubernetes and IAM CI/CD pipelines Terraforms infrastructure as a code).
• Experience with GCP and Kubernetes is a strong asset.
• Experience with tools used in securing cloud deployments such as CNAPP CSPM CWPP etc.
• You have cloud security engineering or cloud solution architecture certifications from Google Microsoft or AWS.
• You have used industry leading productivity tools to produce quantitative/qualitative reports data flow diagrams & visual presentations.
• Certifications (CISSP CISM CCSP CRISC) are nice to have.
• Familiar with industry standards and frameworks e.g. NIST 800-53 ISO 27001 ISO27002 ISO 27017 ISO27018 PCI DSS CIS.
• You possess advanced communication (verbal/written/presentation) skills in English. Knowledge of Spanish is an asset.

Whats in it for you

• Diversity Equity Inclusion & Allyship-We strive to create an inclusive culture where every employee is empowered to reach their fullest potential respected for who they are and are embraced through bias-free practices and inclusive values across Scotiabank. We embrace diversity and provide opportunities for all employee to learn grow & participate through our various Employee Resource Groups (ERGs) that span across diverse gender identities ethnicity race age ability & veterans.
• Accessibility and Workplace Accommodations- We value the unique skills and experiences each individual brings to the Bank and are committed to creating and maintaining an inclusive and accessible environment for everyone. Scotiabank continues to locate remove and prevent barriers so that we can build a diverse and inclusive environment while meeting accessibility requirements.
• Upskillingthrough online courses cross-functional development opportunities and tuition assistance.
• Competitive Rewards program including bonus flexible vacation personal sick days and benefits will start on day one.
• Community Engagement - no matter where you choose to work from; we offer opportunities for community engagement & belonging with our various programs such as hackathons contests Humans of Digital and much more!

Location(s): Canada : Ontario : Toronto

Scotiabank is a leading bank in the Americas. Guided by our purpose: for every future we help our customers their families and their communities achieve success through a broad range of advice products and services including personal and commercial banking wealth management and private banking corporate and investment banking and capital markets.

At Scotiabank we value the unique skills and experiences each individual brings to the Bank and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including but not limited to an accessible interview site alternate format documents ASL Interpreter or Assistive Technology) during the recruitment and selection process please let our Recruitment team know. If you require technical assistance please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however only those candidates who are selected for an interview will be contacted.