Lovejot Lal

Seasoned Information Security Specialist with over 5 years of experience in managing and analyzing enterprise email security infrastructures, currently serving as a Senior Information Security Specialist at Scotiabank. Expertise in Cisco IronPort Email Security Appliance (ESA), DMARC implementation, email threat analysis, and Python scripting for automation. Proven track record in leading email security platform migrations, mentoring junior team members, and coordinating with vendors to resolve complex security issues. Recognized with “Best of the Best” award for outstanding performance and dedication to delivering secure and scalable solutions. Strong communicator with a commitment to continuous learning and operational excellence in cybersecurity.

2021 - PRESENT

Senior Information Security Specialist, Scotiabank, Scarborough, ON

Experienced Email Security Specialist with a proven track record of success as a key member of Scotiabank's Security Operations team. Over 5 years of experience in analyzing and managing email security platforms. Recognized twice as a top performer and awarded "Best of the Best" for outstanding contributions to the team and the business.

• Led strategic initiatives to enhance email security, including a comprehensive Proof of Concept for replacing the current Email Security Gateway and the Developed comprehensive migration policies to ensure a seamless transition. Conducted in-depth evaluations of various solutions, including Proofpoint on Demand, Abnormal Security, Sublime Security, Fortinet, Checkpoint, and Darktrace, to identify the most suitable option for the organization's needs.

• Led the proof of concept (POC) for a behavior analytics-based email security tool, utilizing advanced technology to proactively identify and mitigate sophisticated email threats.

• Successfully transitioned Cisco Email Security Appliances from on-premise to cloud environments, greatly improving the bank's security posture by harnessing the scalability, reliability, and cost- effectiveness of cloud solutions, positively impacting 60,000 users.

• Led the million-dollar DMARC implementation project, enhancing email security across the bank's infrastructure by deploying a robust email authentication system. This initiative significantly minimized the risk of email spoofing and phishing attacks, covering approximately 700 domains with no disruption complaints reported.

• Created streamlined automation solutions using Python scripts and API calls to optimize daily processes, boosting the performance of Email Security Appliances and Security Services. These workflows reduced manual effort, improved accuracy, and enhanced overall efficiency, while addressing critical issues like email delays that impacted thousands of users on a daily basis.

• Presented to Senior Management the benefits of adopting modern email security tools, demonstrating efficiencies and enhanced security capabilities, leading to strategic decisions on tool implementation.

• Collaborated with cross-functional teams (SIEM and SOAR) to create automation workflows utilizing email logs, integrating email security data with other security systems to enable more comprehensive threat detection and response capabilities.

• Managed and monitored the creation of new policies for Cisco IronPort Email Security Appliances, ensuring compliance with industry best practices and regulatory requirements.

• Provided expert-level support for email security appliances, ensuring adherence to organizational security standards and mitigating risks associated with email-based threats.

• Participated in incident response activities (SIRT), leveraging deep technical expertise to identify the root cause of email security incidents and recommend effective remediation strategies.

• Played a pivotal role in change management processes, ensuring successful transitions from testing environments to production by meticulously planning, executing, and monitoring the implementation of new email security solutions.

• Shared knowledge and expertise by conducting regular training programs for new team members, fostering a culture of continuous learning and development within the team.

• Collaborated closely with vendors to identify and resolve issues, provide improvement recommendations, and optimize security settings.

• Optimized security settings in collaboration with the Fraud and SOC teams, significantly enhancing the organization's protection against a wide range of email-based threats, including phishing, credential harvesting, business email compromise, spoofing, and fraud.

• Demonstrated strong analytical skills and a proven ability to solve complex problems, effectively troubleshooting production infrastructure environments and identifying solutions to address challenges.

• Recognized for exceptional performance with the "Best of the Best" award, highlighting outstanding contributions to business success.

2017 - 2021

Senior Information Security Analyst, Scotiabank, Scarborough, ON

Became member of Scotiabank’s Security Operation team as a Coop Student, Provided essential first- line support for critical security technologies (Email Security - Cisco IronPort, Web Proxies -Websense, Zix Secure email)
 

• Demonstrated strong troubleshooting skills and effectively supported a diverse range of security tools, from web proxies to email security appliances, resolving issues promptly and efficiently.

• Enhanced operational efficiency by skillfully leveraging complex CLI and GUI-based message tracking, optimizing daily operations and minimizing downtime.

• Actively contributed to process improvement by conducting in-depth research on security enhancements and making well-informed recommendations to management, driving positive change within the team.

• Collaborated effectively with clients to understand their unique requirements and deliver tailored solutions, ensuring minimal risk and maximizing customer satisfaction.

• Utilized Confluence as a powerful tool for documenting processes and changes, promoting transparency and facilitating knowledge sharing within the organization.

• Demonstrated exceptional resilience by working overtime and actively participating in annual disaster recovery tests, ensuring the organization's preparedness for potential disruptions.

• Gained invaluable experience in the challenging operational environment of the banking sector, developing a deep understanding of industry-specific security requirements and best practices.

• Effectively managed security incidents and service requests using industry-standard IT service management tools like ServiceNow, ensuring timely resolution and maintaining a high level of service quality.

2016 - 2017

Post-Secondary Diploma in Computer and Information Systems Security, Georgian College, Barrie, Ontario

2011 - 2015

Bachelors of Technology in Computer Science, Guru Nanak Dev University, Amritsar, Punjab, India