Incident Analyst

ID de la solicitud: 231955

Gracias por tu interés en ScotiaGBS, el mejor campus de Bogotá.

Únete a un equipo ganador con un propósito claro, comprometido con el logro de resultados en un entorno inclusivo y de alto desempeño.

**_
Purpose_**
In the role of Incident Senior Analyst, you’re responsible for responding to account-level threats and attacks at scale. This includes event and incident triage, threat-actor journey mapping, containment, remediation, and identification of root cause contributors. You regularly connect with your Fraud Threat Management colleagues to ensure ongoing situational awareness across the team. Your calm demeanor, adherence to protocols, and industry expertise will inspire confidence as you safeguard our customers and the Bank.

**_ Accountabilities_**
- Respond to account-level attacks targeting any of Scotiabank’s products and digital properties in Canada in accordance with our incident protocol, incident communication matrix, service-level commitments, and all associated playbooks. Regularly review and incorporate lessons learned.
- Produce and provide timely incident communications for a variety of audiences in accordance with the incident management protocol, incident communication matrix, and associated playbooks to ensure awareness and appropriate levels of engagement as part of response activities.
- Identify systemic issues, reoccurring problems, and identified threats/vulnerabilities to our Fraud Problem Management function. Ensure these and other root cause contributors are captured within post-incident reviews.
- Work to maintain and exceed established incident management KPIs including mean-time-to-detect (MTTD), mean-time-to-containment (MTTC), mean-time-to-remediation (MTTR) as measured by event type and severity.
- Intake and triage of events to determine appropriate event type, severity, and prioritization.
- Provide secondary support to Incident Analysts on events that require additional review and escalation.
- Identify and recommend changes to cyber-fraud monitoring and alerts that you and your colleagues receive to ensure ongoing improvements to our early-detection efforts.
- Recognize high-quality work and behaviours of your peers and others within the bank that contribute to the success of our mission.
- Based on lessons learned during incident response, identify suggested changes to our comprehensive incident management playbooks outlining processes, tools, data, and technology requirements, as well as communications protocols and cross-functional interaction models.
- Engage with vendors supporting our team with cyber-fraud incident response and red teaming.
- Maintain ongoing awareness of the cyber-fraud threat landscape, including through certification, continuing professional education (CPE), industry group participation, threat intelligence feeds, and direct research.
- Contribute to the overall success of the Global Fraud Management function, ensuring specific individual goals, plans and initiatives are delivered in support of the team’s business strategies and objectives.
- Ensures all activities conducted in accordance with Scotiabank’s values and Code of Conduct and are in compliance with governing regulation and internal policies, procedures, and standards.

**Reporting Relationships**
Primary Manager:
(include secondary Manager if applicable) - L8 Senior Manager, Incident Management
Direct Reports: Note: While this is an individual contributor role, it does provide mentorship for newer team members.

**_Dimensions_**
- Responding to significant disruptive events in direct partnership with peers across Fraud Threat Management as well as those in Crisis Management, Cybersecurity Operations, Corporate Security, Privacy, Legal, and Global Incident Management.
- The team is expected to triage ~1,096 events and 37 incidents annually, manage an inventory of 29 problems by the end of 2024, and reduce average gross annual incident related losses from $20MM to $4MM by 2027.
- Ability to operate & prioritize under pressure in a changing environment.
- Brings to the role personal presence, confidence, and ability to operate with the highest level of discretion and confidentiality.
- Flexible and creative thinker with the ability to define business tradeoffs, generate out-of-the-box solutions and manage uncertainty; proactively identify and solve complex problems impacting management and business direction.

**_
Education / Experience_**
- English B2+ conversational level
- At least one (1) years of hands-on experience within a cyber-fraud or security incident management role.
- Demonstrated knowledge in one or more of: incident management, threat-intelligence, and customer identity & access management (CIAM).
- Relevant cybersecurity industry certifications are an asset (ex. Security+, CISSP, CISM, CISA, GCIH, ITCA, etc.).
- Other relevant certifications are an asset (ex. CFE, CIPP/C, ITIL, etc.).
- Bachelor’s degree in computer science, cybersecurity, o