Principle Cloud Security Engineer
Scotiabank
- Toronto, ON
- Permanent
- Full-time
- Collaborate with cross-functional business and product teams to develop a enterprise aligned strategic framework for security products.
- Lead the creation of secure reference architectures, frameworks, policies and patterns for the security aspects of the SDLC including application, mobile, infrastructure, DevOps, cloud, and CI/CD pipelines.
- Define and continually evolve a holistic cloud security strategy covering the various cloud deployment models - SaaS, PaaS and IaaS.
- Define the security controls, requirements, architecture and tooling to manage the security posture and secure workloads to support Bank's cloud migration.
- Innovate and research next generation cloud security products to remediate security gaps and improve on existing security mechanisms
- Provide design and architectural advice to cross-functional teams on how to securely develop and build applications and supporting infrastructure
- Document, estimate and prioritize the various channel requests
- Continuous identification and improvement of security product capabilities.
- Defining scalable Cloud Security architectural patterns and templates. Enhancing Cloud Security posture through tooling, automation, and other means
- Review and get a deep understanding of industry frameworks/regulations/standards like NIST, OWASP, OSFI etc in scope of cloud security
- Governance of cloud security practices at Scotiabank to enable cloud acceleration in a secure manner
- Working with the devops and technology teams to identify the right security architecture for implementing new solutions, products and modules.
- Design security solutions to meet bank security needs and regulatory requirements
- Strong partnership with peers, technology leads and leaders across cross-functional teams
- University degree, preferably in Computer Engineering, Computer Science or related field, and a minimum of 10 years' experience in increasingly senior Information Security roles in a complex, global organization.
- 3+ years of experience developing, implementing and maintaining security solutions in public cloud like GCP, Azure or AWS. Extensive understanding of cloud infrastructure and services.
- Experience leveraging CI/CD deployment methodologies and infrastructure as code (IaC)
- Financial services and, specifically, banking experience is mandatory.
- Experienced in driving cross functional senior executive steering committees with a global presence.
- Experienced in develop and manage multi-million business cases for strategic initiatives.
- Diversity, Equity, Inclusion & Allyship - We strive to create an inclusive culture where every employee is empowered to reach their fullest potential, respected for who they are, and are embraced through bias-free practices and inclusive values across Scotiabank. We embrace diversity and provide opportunities for all employee to learn, grow & participate through our various Employee Resource Groups (ERGs) that span across diverse gender identities, ethnicity, race, age, ability & veterans.
- Accessibility and Workplace Accommodations - We value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. Scotiabank continues to locate, remove and prevent barriers so that we can build a diverse and inclusive environment while meeting accessibility requirements.
- Upskilling through online courses, cross-functional development opportunities, and tuition assistance.
- Competitive Rewards program including bonus, flexible vacation, personal, sick days and benefits will start on day one.
- Dynamic Ecosystem - Free tea & coffee, universal washrooms, and lots of space for team collaboration.