Director, Security Solutions and Engineering

Requisition ID: 248770

Join a purpose driven winning team committed to results in an inclusive and high-performing culture.

The Role:

Reporting to the Head of Cloud & Application Security Product Management and Architecture the Director Security Solutions and Engineering will provide leadership to support solution architecture design patterns and Policy as Code practices and alsoserve as the primary security architect for emerging technologies within the Bank. The ideal candidate has strong leadership and stakeholder engagement skills and will lead a cross-functional team to deliver results that ensure alignment with long-term business objectives regulatory mandates and enterprise architecture standards. This involves setting clear objectives providing mentorship and ensuring that the deliverables align with the broader strategic goals of the organization.

The Director facilitates collaboration across different departments with the aim of making strategic architectural decisions and is accountable for defining and implementing enterprise-scale security architectures and engineering solutions for a regulated banking environment. This role ensures security controls are architected engineered automated and embedded into platforms cloud environments digital channels and core systems using modern practices such as policy-as-code reusable security patterns and platform-based security services.

This leader will partner closely with Enterprise Architecture Cloud Engineering Data and Risk & Compliance teams to ensure security architecture aligns with regulatory requirements business strategy and technology transformation initiatives.

Is this role right for you In this role you will:

• Provide direction to design develop automateand govern security architecture for the Bank in collaboration and alignment with global business technology and second and third line of defense teams.
• Define and maintain enterprise security architecture frameworks for Cloud and hybrid infrastructure banking platforms digital channels and data platforms and analytics environments
• Align security architecture with enterprise architecture standards technology roadmaps and business transformation programs (e.g. core modernization cloud migration digital transformation).
• Provide architectural risk assessments and design guidance for high-impact banking initiatives.
• Define security architectures for emerging banking technologies including Generative AI and model platforms Edge computingand IoT Serverless and event-driven platforms and Quantum-resistant cryptography strategies
• Define automated guardrails aligned with OSFI OCC MAS EBA FFIEC PCI DSS SOC2 ISO 27001 NIST and Internal bank policies and risk frameworks.
• Integrate security policies into Infrastructure-as-Code pipelines CI/CD pipelines Kubernetes and container platforms and Cloud governance platforms
• Lead teams responsible for building and operating security platforms such as Cloud security posture management and workload protection Application security platforms (SAST/DAST/SCA/IAST) Secrets management and cryptographic services (HSM KMS) Security telemetry detection engineering and data pipelines.
• Drive the transformation of security policies into enforceable policies embedded within CI/CD pipelines infrastructureand cloud environments.
• Facilitate forums and prepare the team for constructive collaboration sessions with cross-functional teams technology and business channels and control functions
• Define Cloud Security Policy as Code and Patterns architecture aligned to the Banks Cloud Security Posture and Security Policies & Standards.
• Lead security architecture governance through Architecture Review Boards and Security Design Reviews.
• Work closely with Risk Management Compliance Internal Audit and Regulators as required to provide defensible architecture documentation for audits and regulatory exams.
• Build and lead a high-performing team of security architects and engineers across cloud and application security domains.

Do you have the skills that will enable you to succeed in this role Wed love to work with you if you have:

• Minimum of a bachelors degree (or equivalent) required
• 12 years in security architecture engineering or technology leadership with 5 years leading enterprise-scale teams in a complex global organization.
• Proven experience in financial services banking capital markets or other regulated industries.
• Demonstrated success designing and implementing large-scale cloud and application security architectures.
• Strong background in embedding security into DevOps and platform engineering environments.
• Deep understanding of compliance frameworks and regulatory requirements.
• Previous exposure to Regulatory Compliance Risk and Audit functions
• Experience as a key technical partner in global technology transformation efforts demonstrating the ability to inspire and align diverse technologists drive efficient and effective decision-making and to deliver and support a robust information security governance framework.
• Security certifications (e.g. CISSP CCSP SABSA TOGAF cloud certifications) are highly desirable
• Experience engaging with regulators and internal audit is a must
• Knowledge of OSFI OCC FFIEC EBA MAS PCI DSS ISO 27001 NIST is preferred
• Strong leader with demonstrated ability to lead technical teams and build and maintain credibility with technical and non-technical stakeholders alike. Deep knowledge of relevant technologies must be combined with the ability to lead highly technical teams strong business acumen and excellent communication and listening skills.
• Strong planning and organizational skills; can manage multiple tasks and meet deadlines
• Experience in working with complex processes
• Willing to learn and grow and demonstrates resilience to ever-changing priorities

Whats in it for you

• Diversity Equity Inclusion & Allyship-We strive to create an inclusive culture where every employee is empowered to reach their fullest potential respected for who they are and are embraced through bias-free practices and inclusive values across Scotiabank. We embrace diversity and provide opportunities for all employee to learn grow & participate through our various Employee Resource Groups (ERGs) that span across diverse gender identities ethnicity race age ability & veterans.
• Accessibility and Workplace Accommodations- We value the unique skills and experiences each individual brings to the Bank and are committed to creating and maintaining an inclusive and accessible environment for everyone. Scotiabank continues to locate remove and prevent barriers so that we can build a diverse and inclusive environment while meeting accessibility requirements.
• Upskillingthrough online courses cross-functional development opportunities and tuition assistance.
• Competitive Rewards program including bonus flexible vacation personal sick days and benefits will start on day one.
• Community Engagement - no matter where you choose to work from; we offer opportunities for community engagement & belonging with our various programs such as hackathons contests Humans of Digital and much more!

Location(s): Canada : Ontario : Toronto

Scotiabank is a leading bank in the Americas. Guided by our purpose: for every future we help our customers their families and their communities achieve success through a broad range of advice products and services including personal and commercial banking wealth management and private banking corporate and investment banking and capital markets.

At Scotiabank we value the unique skills and experiences each individual brings to the Bank and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including but not limited to an accessible interview site alternate format documents ASL Interpreter or Assistive Technology) during the recruitment and selection process please let our Recruitment team know. If you require technical assistance please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however only those candidates who are selected for an interview will be contacted.