Director Security Incident Management & Response

Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.

Requisition ID: 212647

Reporting to the Global Head of Cyberoperations Monitoring & Response, the Director of Cybersecurity Incident Management & Response is responsible for managing a team of professionals that oversee cyber security incident response practices throughout Scotiabank globally. The Director of Cybersecurity Incident Management & Response governs the adherence to enterprise frameworks for executing cyber security incident response plans including root cause investigation, threat containment and remediation activities. The Director of Cybersecurity Incident Management & Response effectively collaborates with key stakeholders globally to develop, implement, and integrate cyber security incident response capabilities throughout the Bank.

Is this role right for you? In this Role, you will:

• Lead and drive a customer focused culture throughout your team to deepen client relationships and leverage broader Bank relationships, systems and knowledge.
• Understand how the Bank’s risk appetite and risk culture should be considered in day-to-day activities and decisions.
• Create an environment in which your team pursues effective and efficient operations while ensuring the adequacy, adherence to and effectiveness of day-to-day business controls to meet obligations with respect to operational risk, regulatory compliance risk, AML/ATF risk and conduct risk.
• Build a high-performance environment and implement a people strategy that attracts, retains, develops, and motivates your team by fostering an inclusive work environment and using a coaching mindset; communicating vision/values/business strategy; managing succession and development planning for the team.
• Provide advisory services to enhance Information and Cyber Security engagements.
• Translate complex technical problems into terms and processes that support the functional goals, strategic initiatives, and business alignment.
• Continue to improve processes including feedback to areas under review regarding control issues.
• Manage and facilitate the execution of the Bank’s enterprise cyber security incident management plan (e.g. CIRT) and associated playbooks.
• Manage the creation, publication, and maintenance of technical documentation for responding to cyber security incidents globally.
• Oversee the onboarding of cyber security monitoring capabilities including approving use case development, facilitating control tuning, participating in simulation and training exercises, and providing cross-functional training.
• Coordinate with internal and external stakeholders and partners to maintain strategic relationships for delivery of enterprise operational services.
• Ensure that proper chain of custody is maintained and that all evidence management techniques are executed in a forensically sound manner consistent with proven industry standards.

Do you have the skills that will enable you to succeed in this role?

• High level of customer service and communication required with clients globally, including C-Suite, internal and external Legal Counsels, Regulators, and Law Enforcement.
• Strong approach to critical thinking, analytics, problem solving, creativity & detail oriented.
• Ability to work extremely well under pressure while maintaining a high level of professionalism.
• Proficiency in technical writing & communication for a business audience in English.
• Experience conducting incident response and technical investigations on various operating systems using industry standards incident response and security technologies.
• Key technical expertise in subject areas including, but not limited to: information and cyber security, networking and routing, data management, data privacy laws and regulations.
• Working knowledge of protocols, technologies, and environments including but are not limited to: TCP/IP, SQL, Windows Server, Linux, Unix, IIS & STB client technologies.
• Excellent communication skills: Ability to clearly articulate and visually present complex technical information and analysis results into concise business reports for the intended audience.
• Ability to work both independently and within a team, and the ability to gain the trust of legal and business stakeholders to achieve a desired objective.
• 6+ years of current and working knowledge in all aspects of incident response, information or cyber security, or related field; or a Bachelor's degree in an approved field from an accredited university and a minimum of 10 years of documented and relevant experience.
• Professional certifications and membership of associations in the field of information/cyber security and digital forensics is desired (e.g. Global Information Assurance Certification (GIAC), Certified Information Systems Security Professional (CISSP)).

Location(s): Canada : Ontario : Toronto

Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services.

At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation during the recruitment and selection process, please let our Recruitment team know. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.