Scotiabank is seeking a Cybersecurity Specialist to join their Information Security and Control (IS&C;)-Advisory Services team. This individual will contribute to the overall success of the team, ensuring specific individual goals, plans, initiatives are executed / delivered in support of business strategies and objectives. The role involves ensuring all activities conducted are in compliance with governing regulations, internal policies and procedures. - Champion customer focused culture to deepen relationships and leverage broader systems and knowledge. - Establish detailed understanding of Scotiabank's Third Party Risk Management (TPRM), Threat Risk Assessment (TRA), New Initiatives Risk Assessments (NIRA) practices and priorities, specifically as it relates to Information Security. - Advocate for IS&C;, building strong relationships and raising awareness for effective information security practices in supply chain. - Perform comprehensive risk assessments for bank initiatives and projects, identifying potential security threats and vulnerabilities. - Ensure all risk assessments and security measures comply with established standards and policies of the group. Propose effective risk mitigation strategies to address identified security risks. - Work closely with project teams, IT departments, and other stakeholders to integrate security measures into project plans. - Continuously monitor risk levels and provide regular reports to senior management on status of risk assessments and mitigation efforts. - Support Incident Management and Investigation processes. - Actively pursue efficient operations of respective areas in accordance with Scotiabank's Values, its Code of Conduct and Global Sales Principles, while ensuring adequacy, adherence to and effectiveness of day-to-day business controls to meet obligations with respect to operational, compliance, AML/ATF/sanctions and conduct risk. - Champion high-performance environment and contribute to inclusive work environment. Key Responsibilities 1. Contribute to development and implementation of cybersecurity strategies and programs to protect Scotiabank's technology assets from evolving cyber threats. 2. Lead risk assessments and provide recommendations for improving risk management processes and reducing security threats. 3. Collaborate with cross-functional teams to develop and implement incident response plans and ensure timely responses to security incidents. 4. Develop and maintain relationships with key stakeholders, including executives, vendors, and external partners. 5. Stay up-to-date with emerging technologies and trends, and apply this knowledge to improve Scotiabank's cybersecurity posture. Requirements - Minimum 4 years of experience in Information Security and Cybersecurity. - Strong understanding of security controls/mechanisms/Protocols and threat/risk assessment techniques pertaining to complex data, application and network environments. - Excellent verbal and written communication skills in English, with ability to communicate technical information effectively to non-technical audiences. - Knowledge of regulatory guidelines related to financial services industry. - Strong knowledge of industry standards/frameworks related to Information Security (ISO27001/27002, NIST, PCI-DSS, GDPR, among others). - Certifications related to security considered an asset (e.g., CISSP, CISM, CRISC, CCSP, ISO27001). - Analytical experience, attention to detail, excellent critical thinking, logic, and problem-solving skills. - Ability to analyze complex problems, identify root causes, and develop effective solutions. - Excellent relationship management and negotiation skills to assist in communication and finalization of Bank's security requirements, contractual obligations and standards to internal teams and third party relationships. Working Conditions Work in standard office-based environment; non-standard hours a common occurrence.