Pentest Service Advisor

Scotiabank•Toronto, ON

4d•Onsite

About The Position

Scotiabank’s Information Security & Control (IS&C)’s Cyber Security Red Team has global accountability and is highly supportive of the Bank’s business, enabling execution of the Bank’s strategies, operations and services, while ensuring that appropriate application and cyber security practices are adhered to. This function provides core competency in proactively detecting application and network vulnerabilities while working with the appropriate teams in instituting appropriate controls to mitigate risks, specifically as it pertains to system vulnerabilities and threats. In this role, you will be expected to work closely with the application development groups from every line of business in the Bank to integrate application and network security processes and procedures into the software development lifecycle. You will work closely with vendors and the Bank’s internal penetration testing team to ensure regulatory driven penetration testing programs are executed.

Requirements

3+ years as a Project Manager or Technical Coordinator or security related experience
A natural curiosity for how things work, exploring unknowns, and unafraid to test perceived limitations.
Strong customer service skills
Possess strong communication (verbal/written/presentation) skills in English. The same in Spanish is a considered an asset.
Well-rounded interpersonal skills, with the ability to build relationships cross-functionally, based on Scotiabank’s values of respect, integrity, passion and accountability.
Experience adhering to financial budgets, financial reporting, reviewing invoicing and statements of work
The ability to read and comprehend regulatory-type documentation
A dynamic personality, able to work with a wide scope of work that is ever changing.

Nice To Haves

The same in Spanish is a considered an asset.

Responsibilities

Collaborate with IT management teams, security advisory and IT Risk teams, on a Global Scale to ensure effective execution of mandated assessments
Develop/enhance and/or execute effective communication models to assist with the management of reported vulnerabilities and their remediation with the development and infrastructure in support of risk management practices
Develop/enhance and/or execute strategies and processes to track, manage and communicate reported results of testing
Be responsible for adherence to established process flows that ensure development teams, infrastructure teams and business owners implement control measure that effectively mitigate or eliminate risk.
Be responsible for timely and accurate reporting of all findings to the appropriate teams, different levels of management and business risk owners
Be responsible for scheduling, oversight of execution, and forwarding deliverables to stakeholders and other Security teams within IS&C.

Benefits

Upskilling through online courses, cross-functional development opportunities, and tuition assistance.
Competitive Rewards program including bonus, flexible vacation, personal, sick days and benefits will start on day one.
Community Engagement - no matter where you choose to work from; we offer opportunities for community engagement & belonging with our various programs such as hackathons, contests, Humans of Digital and much more!

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume