Requisition ID: 223473
Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.

We are seeking a Cloud Security Engineer to join our Cloud & Application Security Product and Architecture team. You are familiar with the DevOps space and have strong Cybersecurity and Cloud security knowledge and skills. In addition, you have strong communication and stakeholder engagement skills, allowing you to understand and implement Cloud Native Application Protection Platforms (CNAPP) solution and apply best practices. You will be instrumental in delivering the next generation security capability through a large-scale transformation effort at the Bank

Is this role right for you? In this role, you will:

Collaborate with stakeholders across the Bank – you will work closely with development and engineering, DevOps, cloud, application security and other application owner teams across the organization to deliver Cloud Security capabilities for the Bank.

CNAPP Operation

• Contribute to the success of our cloud transformation by supporting the Review and Triage of the findings flagged by CNAPP

• Develop and/or enhance strategies and processes to manage the security vulnerabilities and threats for cloud native applications

• Adhere to an established process flow that ensures development support teams, infrastructure support teams, and business risk owners implement control measures that effectively mitigate or eliminate identified risks

DevSecOps Operation

• Review and consolidate the DevSecOps processes and tools

• Develop and/or enhance the strategies and processes to identify, analyze, and communicate cloud workload vulnerabilities as per the CISO Directives, technical standards and published communication process flows

• Develop and/or enhance reporting to development teams and all levels of management in order to provide proper tracking and measurement of remediation relative to established objectives

• Understand how the Bank's risk appetite and risk culture should be considered in day-to-day activities and decisions

Do you have the skills that will enable you to succeed in this role? We'd love to work with you if you have:

• 10+ years' relevant working experience in IT (development, DevOps, cloud security etc.)

• 5+ years' experience with popular CI/CD tools and processes like BitBucket/GitHub, Jfrog Artifactory, Jenkins, Azure DevOps, GitLab CI/CD, CircleCI.

• 3+ years' experience as a DevSecOps Engineer, with demonstrated experience in security integration, automation of security processes, risk assessment and mitigation.

• 3+ years' experience with Cloud Security domains like CNAPP, CWPP, CSPM and/or tools like SCCE, CrowdStrike, Prisma Cloud, Aqua Enterprise, MS Defender etc.

• 5+ years' experience with documenting process, procedure, and user guide.

• 3+ years' experience with large organization cloud transformation.

• Excellent communication skill and good support skills for triaging and analysis of issues for all development teams.

• Proficient at collaborating with various stakeholders to achieve the objectives assigned.

• Undergrad or equivalent experience – valuing work experience more.

• GCP PCSE Certification preferred.

What's in it for you?

• Diversity, Equity, Inclusion & Allyship - We strive to create an inclusive culture where every employee is empowered to reach their fullest potential, respected for who they are, and are embraced through bias-free practices and inclusive values across Scotiabank. We embrace diversity and provide opportunities for all employee to learn, grow & participate through our various Employee Resource Groups (ERGs) that span across diverse gender identities, ethnicity, race, age, ability & veterans.

• Accessibility and Workplace Accommodations - We value the unique skills and experiences each individual brings to the Bank and are committed to creating and maintaining an inclusive and accessible environment for everyone. Scotiabank continues to locate, remove and prevent barriers so that we can build a diverse and inclusive environment while meeting accessibility requirements.

• Upskilling through online courses, cross-functional development opportunities, and tuition assistance.

• Competitive Rewards program including bonus, flexible vacation, personal, sick days and benefits will start on day one.

• Community Engagement - no matter where you choose to work from; we offer opportunities for community engagement & belonging with our various programs such as hackathons, contests, cooking with friends, Humans of Digital and much more!

Work arrangements: Hybrid

#LI-Hybrid

Location(s): Canada : Ontario : Toronto
Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.
At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.