Information Security Consultant Lead

hace 2 meses


Bogotá, Colombia Scotiabank A tiempo completo

Requisition ID: 205097
We are committed to investing in our employees and helping you continue your career at ScotiaTech.

Purpose

What’s in it for you?

Opportunity to showcase your leadership in the Technology Risk Management space by supporting the Global Wealth Engineering team, otherwise known as GWE. An Information Security Advisor provides advisory services to assist in the development and support of sound security strategies and secure control processes to protect the Bank's information and data resources.

The Team

Contributes to the overall success of IT&S and ICRM in GWE, ensuring specific individual goals, plans, initiatives are executed / delivered in support of the team’s business strategies and objectives. Ensures all activities conducted follow governing regulations, internal policies and procedures.

Accountabilities

  1. Champions a customer focused culture to deepen client relationships and leverage broader Bank relationships, systems and knowledge.
  2. Acting as a central point of reference and core competency for Information Security. Assisting in the classification and protection of data resources by providing guidance on secure and cost effective implementation of Bank's security policies and standards.
  3. Representing Information Security in projects, initiatives, mergers and acquisitions. Working with business lines to develop sound security strategic and tactical plans towards the reliable implementation of consistent and secure control processes to protect the Bank. Drive initiatives and support business functions to assess security risks and to make informed decisions to protect information assets.
  4. Providing guidance to design, develop and implement sound risk management controls in accordance with Bank's standards that assure the Bank's compliance with industry regulations. Keeping informed and well versed on financial industry regulations demands in different regions based on practical experience.
  5. Pursuing security and control process improvements to advance security compliance and improve internal processes.
  6. Participate in initiatives and projects driven by various business lines. Guide project and delivery managers to design and establish sound information security practices, facilitating key artifacts such as security design documents, threat/risk assessments and data classifications with the owner to ensure that risks are identified and effectively managed. Where required by risk, lead due diligence reviews over third party outsourcing partners to ensure that their security posture aligns with the Bank and industry best practice. Work with the relationship owner and the third party to create and track an action plan for remediation of issues.
  7. Acting as a central point of reference and core competency for Information Security, providing first line subject matter expert advice on classification and protection of data through Bank's information security standards, policies and processes, and industry best practices.
  8. Liaise with internal and external security teams and business lines to develop sound security strategic and tactical plans towards the reliable implementation of consistent and secure control processes to protect the Bank.
  9. Generate reports associated with the vulnerabilities reported by the different security tools to follow up and manage the remediation of vulnerabilities and weaknesses identified in the technological platform.
  10. Monitor, follow up, and define specific actions to guarantee the security compliance of the organization's assets.
  11. Execute tasks to keep the security controls and indicators within the optimal thresholds for decreasing the level of security risk in the Organization.
  12. Work with our business line partners to assess and ensure compliance to the Bank standards. Escalating risk through appropriate channels.
  13. Understand how the Bank’s risk appetite and risk culture should be considered in day-to-day activities and decisions.
  14. Actively pursues effective and efficient operations of his/her respective areas in accordance with Scotiabank’s Values, its Code of Conduct and the Global Sales Principles, while ensuring the adequacy, adherence to and effectiveness of day-to-day business controls to meet obligations with respect to operational, compliance, AML/ATF/sanctions and conduct risk.
  15. Champions a high-performance environment and contributes to an inclusive work environment.

Dimensions

  • Direct reporting line to Director, ICRM GWE. Several projects related to a portfolio of approx. +150 banking applications. No budget, project or financial oversight.

Education / Experience / Other Information

  • Must have a solid understanding and experience with security controls/mechanisms and threat/risk assessment techniques pertaining to complex data, application and network environments.
  • Strong knowledge of cloud security controls, cloud computing concepts, and cloud architecture security.
  • Knowledge of financial services' Security Governance Framework (policies and standards) is a strong asset.
  • Knowledge of cryptographic concepts leveraged in modern applications and systems.
  • Knowledge of static and dynamic code analysis.
  • Knowledge of Identity & Access Management, PKI, Intrusion Prevention, and vulnerability assessments.
  • Knowledge of network security components such as firewalls, routers, intrusion detection, anti-virus software.
  • Strong Microsoft Office software skills particularly Excel, Word, Visio, and PowerPoint.
  • Must have advanced verbal and written communication skills in English (B2).
  • Working knowledge of regulatory guidelines related to the financial industry like OSFI.
  • University degree in computer science/related field or relevant work experience.
  • Certifications CISSP, CISM, CCSP, CRISC or alike are nice to have.
  • Other technical certifications are nice to have.

Working Conditions

  • Work in a standard office-based environment; non-standard hours are a common occurrence.

#LI-Hybrid

Location(s): Bogotá or Home-Office
ScotiaTech is a business unit within ScotiaGBS, a Scotiabank Group company located in Bogota, Colombia. The ScotiaTech hub was created to support different technology systems and processes of the Bank. We offer an inclusive, positive work environment, and competitive benefits.
At ScotiaTech, we value the unique skills and experiences each individual brings and are committed to creating and maintaining an inclusive and accessible environment for everyone. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at ScotiaTech; however, only those candidates who are selected for an interview will be contacted.

Note: All postings in will remain live for a minimum of 5 days.

#J-18808-Ljbffr

  • Bogotá, Colombia Scotiabank A tiempo completo

    Title: Information Security Consultant Lead Requisition ID: 205097 We are committed to investing in our employees and helping you continue your career at ScotiaTech. Purpose What’s in it for you? Opportunity to showcase your leadership in the Technology Risk Management space by supporting the Global Wealth Engineering team, otherwise known as...


  • Bogotá, Bogotá D.E., Colombia Scotiabank A tiempo completo

    Job SummaryWe are seeking a highly skilled Information Security Consultant Lead to join our team at Scotiabank. As a key member of our Information Technology and Security (IT&S) department, you will be responsible for providing advisory services to assist in the development and support of sound security strategies and secure control processes to protect the...


  • Bogotá, Bogotá D.E., Colombia Scotiabank A tiempo completo

    About UsScotiabank is a leading financial institution with a commitment to excellence and innovation. We're dedicated to helping our employees grow their careers while making a positive impact in the community.Job SummaryWe're seeking an experienced Information Security Consultant Lead to join our team in Bogotá, Colombia. As a key member of our Global...


  • Bogotá, Cundinamarca, Colombia Scotiabank A tiempo completo

    **Requisition ID**: 205097 We are committed to investing in our employees and helping you continue your career at ScotiaTech. **Purpose** - What’s in it for you?_ Opportunity to showcase your leadership in the Technology Risk Management space by supporting the Global Wealth Engineering team, otherwise known as GWE. An Information Security Advisor...


  • Bogotá, Colombia Scotiabank A tiempo completo

    Requisition ID: 205097 We are committed to investing in our employees and helping you continue your career at ScotiaTech. Purpose What’s in it for you? Opportunity to showcase your leadership in the Technology Risk Management space by supporting the Global Wealth Engineering team, otherwise known as GWE. An Information Security Advisor...


  • Bogotá, Colombia Scotiabank A tiempo completo

        Requisition ID: 205097   We are committed to investing in our employees and helping you continue your career at ScotiaTech. PurposeWhat’s in it for you?Opportunity to showcase your leadership in the Technology Risk Management space by supporting the Global Wealth Engineering team, otherwise known as GWE. An Information Security Advisor provides...


  • Bogotá, Colombia Scotiabank A tiempo completo

    Requisition ID: 205097 We are committed to investing in our employees and helping you continue your career at ScotiaTech. Purpose What’s in it for you? Opportunity to showcase your leadership in the Technology Risk Management space by supporting the Global Wealth Engineering team, otherwise known as GWE. An Information Security Advisor provides...


  • Bogotá, Colombia INGEPSY A tiempo completo

    Requisition ID: 205097 We are committed to investing in our employees and helping you continue your career at ScotiaTech. Purpose An Information Security Advisor provides advisory services to assist in the development and support of sound security strategies and secure control processes to protect the Bank's information and data resources. The...


  • Bogotá, Bogotá D.E., Colombia Scotiabank A tiempo completo

    We are seeking an experienced Chief Information Security Architect Lead to join our team at Scotiabank. As a key member of our Information Security organization, you will play a critical role in developing and implementing sound security strategies and secure control processes to protect our information and data resources.The ideal candidate will have a...


  • Bogotá, Bogotá D.E., Colombia Motorola Solutions A tiempo completo

    About the Role\helpers we are seeking an experienced Information Security Project Lead to join our team at Motorola Solutions. This is a great opportunity for a skilled professional to leverage their expertise in project management and cybersecurity to drive our business forward.",“The successful candidate will be responsible for planning, executing, and...

  • Team Lead

    hace 2 meses


    Bogotá, Colombia Scotiabank A tiempo completo

    Team Lead & Information Security Analyst Advisory Requisition ID: 204603We are committed to investing in our employees and helping you continue your career at ScotiaTech. Purpose Security Assurance within Security Risk Governance is responsible for reviewing privileged accesses and configurations on a scheduled basis to identify areas where access...


  • Bogotá, Bogotá D.E., Colombia Control Risks A tiempo completo

    Cyber Security ConsultantWe are seeking a highly skilled Cyber Security Consultant to join our team at Control Risks. As a Cyber Security Consultant, you will be responsible for providing strategic and technical cyber security consulting to help clients reduce their risk, secure their information, and respond to incidents.Key Responsibilities:Deliver...

  • Team Lead

    hace 3 meses


    Bogotá, Cundinamarca, Colombia Scotiabank A tiempo completo

    **Requisition ID**: 204603 We are committed to investing in our employees and helping you continue your career at ScotiaTech. **Purpose** Security Assurance within Security Risk Governance is responsible for reviewing privileged accesses and configurations on a scheduled basis to identify areas where access and configurations have been changed without...

  • Team Lead

    hace 3 meses


    Bogotá, Colombia Scotiabank A tiempo completo

    Title: Team Lead & Information Security Analyst Advisory Requisition ID: 204603 We are committed to investing in our employees and helping you continue your career at ScotiaTech. Purpose Security Assurance within Security Risk Governance is responsible for reviewing privileged accesses and configurations on a scheduled basis to identify areas where...


  • Bogotá, Bogotá D.E., Colombia Scotiabank A tiempo completo

    About the RoleWe are seeking a highly experienced and skilled Chief Information Security Architect to join our team at ScotiaTech in Bogotá, Colombia. This is an exciting opportunity for a seasoned professional to lead our information security efforts and ensure the Bank's assets and data resources are protected.Job SummaryThe successful candidate will be...

  • Team Lead

    hace 3 meses


    Bogotá, Colombia Scotiabank A tiempo completo

        Requisition ID: 204603   We are committed to investing in our employees and helping you continue your career at ScotiaTech. PurposeSecurity Assurance within Security Risk Governance is responsible for reviewing privileged accesses and configurations on a scheduled basis to identify areas where access and configurations have been changed without...


  • Bogotá, Bogotá D.E., Colombia Scotiabank A tiempo completo

    Job Overview: As a key member of our Security Assurance team, you will play a vital role in ensuring the protection and integrity of Scotiabank's critical information and assets. About the Role: We are seeking an experienced Information Security Analyst Senior to join our team in Bogota, Colombia. This is a challenging opportunity for someone with strong IT...


  • Bogotá, Bogotá D.E., Colombia AgileEngine A tiempo completo

    About the RoleWe are seeking a highly skilled Information Security Specialist to join our team at AgileEngine. As a key member of our security team, you will be responsible for maintaining our Information Security Framework and implementing controls to ensure security requirements are met.Key ResponsibilitiesMaintain and update our Information Security...


  • Bogotá, Colombia Scotiabank A tiempo completo

    Requisition ID: 212142 Thanks for your interest in ScotiaTech, Scotiabank's new and innovative Technology hub in Bogota. Join a purpose driven winning team that promotes creativity and innovation in a fast-paced environment, where we’re always committed to results, in an inclusive, diverse, and high-performing culture. **_ Purpose_** Security Assurance...


  • Bogotá, Bogotá D.E., Colombia Scotiabank A tiempo completo

    Job DescriptionWe are seeking a highly skilled Enterprise Information Security Strategist to join our team at Scotiabank. This is a unique opportunity for an experienced professional to lead the development and implementation of information security strategies that align with our organization's goals.About the RoleThe successful candidate will have expertise...