Title: Information Security Analyst SeniorRequisition ID: 212142
Thanks for your interest in ScotiaTech, Scotiabank's new and innovative Technology hub in Bogota.
Join a purpose driven winning team that promotes creativity and innovation in a fast-paced environment, where we're always committed to results, in an inclusive, diverse, and high-performing culture.
Purpose Security Assurance within Security Services is responsible for reviewing privileged accesses and configurations on a scheduled basis to identify areas where access and configurations have been changed without cause.
Accountabilities:As an Information Security Analyst Senior, the role ensures the protection and integrity of the Bank's critical information and assets. The incumbent will:
Review access to systems including Critical Information Assets (CIA).Validate that access was due to sanctioned and documented activities (e.g., Change Records).Ensure that configurations are changed with cause and appropriate documentation.Conduct detailed, risk-based evaluations/monitoring of Information Technology (IT) controls utilizing the Bank's information security standards and regulatory requirements.Review reports to investigate, escalate and track control deficiencies, ensuring action items and remediation plans are vigorously tracked to closure.Provide knowledgeable opinion on compliance with information security standards.Understand how the Bank's risk appetite and risk culture should be considered in day-to-day activities and decisions.Actively pursue effective and efficient operations in accordance with Scotiabank's Values and Code of Conduct, ensuring the adequacy, adherence to, and effectiveness of day-to-day business controls.Champion a high-performance environment and contribute to an inclusive work environment.Reporting Relationships (Job Titles only)Primary Manager:Senior Manager, Security AssuranceDirect Reports:NAEducation / Experience / Other InformationMust Have: Spanish language is a must, especially IT/technical Spanish.Expertise in IT key controls and risk assessment concepts.Strong verbal and written communication skills, especially report writing ability.Nice to Have: One or more industry certifications like CISA, etc. in a related field is preferred with 1-2 years practical experience in information technology.Thorough knowledge of the Bank's application and infrastructure environment.University degree or college diploma in a related field is preferred.Familiarity and experience with several Bank's application, Network and infrastructure environment including, but not limited to IBM mainframe, Windows Active directory, AS400 and DB2.Sound knowledge of regulatory requirements.Advanced presentation and communication skills.
#J-18808-Ljbffr