- The candidate must have an understanding of vulnerability management and patch management processes.
- This role will work with application, infrastructure, and governance teams to inform them of discovered vulnerability and compliance issues.
- The candidate needs to be able to recognize obstacles that may derail progress and take the necessary steps to eliminate those obstacles and/or escalate appropriately.
- The candidate must be able to identify what information must be gathered to validate findings and remediation efforts.
- Provide security expertise as requested and clearly communicate status and concerns to all levels of management.
- Maintain accurate information in the teams tracking tool and support departmental metrics and KRI reporting.
- Generate on demand and scheduled reporting.
- Leverage security expertise to contribute to program enhancement and continuous improvement efforts, and other team activities.
- Identify areas that can be automated and streamlined and develop new processes to make processes more efficient.
- You possess advanced communication (verbal/written/presentation) skills in English. The same in Spanish is a strong asset.
- You have a Bachelor's Degree or 2+ years' experience in information security, risk management, business analytics or information technology
- You have knowledge of how common software and web application vulnerabilities are disclosed and tracked by standards groups and application vendors.
- You have used industry leading productivity tools to produce quantitative/qualitative reports, data flow diagrams & visual presentations.
- You have experience with automation using Python and Rest APIs
- Security certification(s) CISSP, CISM, CCSP, CRISC etc.) would be an asset(s).
- Diversity, Equity, Inclusion & Allyship - We strive to create an inclusive culture where every employee is empowered to reach their fullest potential, respected for who they are, and are embraced through bias-free practices and inclusive values across Scotiabank. We embrace diversity and provide opportunities for all employee to learn, grow & participate through our various Employee Resource Groups (ERGs) that span across diverse gender identities, ethnicity, race, age, ability & veterans.
- Accessibility and Workplace Accommodations - We value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. Scotiabank continues to locate, remove and prevent barriers so that we can build a diverse and inclusive environment while meeting accessibility requirements.
- Upskilling through online courses, cross-functional development opportunities, and tuition assistance.
- Competitive Rewards program including bonus, flexible vacation, personal, sick days and benefits will start on day one.
- Dynamic Ecosystem - Free tea & coffee, universal washrooms, and lots of space for team collaboration.
Senior Analyst - Toronto, Canada - Scotiabank
Description
As part of the Vulnerability Management team, you will assist in managing and reporting the remediation of application & systems to bring them into compliance with Bank & Industry Security Standards. This position will work with assessors to develop remediation plans, collect relevant artifacts that demonstrate compliance and work with system and application teams to remediate findings. The Vulnerability Management Reporting Analyst will work closely with all areas of security, business technology and associated business partners.
This individual will work closely with all areas of the business and technology including, infrastructure, engineering, architecture, operations and application teams.
Is this role right for you?
Do you have the skills that will enable you to succeed in this role?
What's in it for you?