ID de la solicitud: 231955 Gracias por tu interés en ScotiaGBS, el mejor campus de Bogotá. Únete a un equipo ganador con un propósito claro, comprometido con el logro de resultados en un entorno inclusivo y de alto desempeño. Purpose In the role of Incident Senior Analyst, you’re responsible for responding to account-level threats and attacks at scale. This includes event and incident triage, threat-actor journey mapping, containment, remediation, and identification of root cause contributors. You regularly connect with your Fraud Threat Management colleagues to ensure ongoing situational awareness across the team. Your calm demeanor, adherence to protocols, and industry expertise will inspire confidence as you safeguard our customers and the Bank. Accountabilities • Respond to account-level attacks targeting any of Scotiabank’s products and digital properties in Canada in accordance with our incident protocol, incident communication matrix, service-level commitments, and all associated playbooks. Regularly review and incorporate lessons learned. • Produce and provide timely incident communications for a variety of audiences in accordance with the incident management protocol, incident communication matrix, and associated playbooks to ensure awareness and appropriate levels of engagement as part of response activities. • Identify systemic issues, reoccurring problems, and identified threats/vulnerabilities to our Fraud Problem Management function. Ensure these and other root cause contributors are captured within post-incident reviews. • Work to maintain and exceed established incident management KPIs including mean-time-to-detect (MTTD), mean-time-to-containment (MTTC), mean-time-to-remediation (MTTR) as measured by event type and severity. • Intake and triage of events to determine appropriate event type, severity, and prioritization. • Provide secondary support to Incident Analysts on events that require additional review and escalation. • Identify and recommend changes to cyber-fraud monitoring and alerts that you and your colleagues receive to ensure ongoing improvements to our early-detection efforts. • Recognize high-quality work and behaviours of your peers and others within the bank that contribute to the success of our mission. • Based on lessons learned during incident response, identify suggested changes to our comprehensive incident management playbooks outlining processes, tools, data, and technology requirements, as well as communications protocols and cross-functional interaction models. • Engage with vendors supporting our team with cyber-fraud incident response and red teaming. • Maintain ongoing awareness of the cyber-fraud threat landscape, including through certification, continuing professional education (CPE), industry group participation, threat intelligence feeds, and direct research. • Understand and apply the Bank’s risk appetite and risk culture for day-to-day activities and decisions. • Contribute to the overall success of the Global Fraud Management function, ensuring specific individual goals, plans and initiatives are delivered in support of the team’s business strategies and objectives. • Ensures all activities conducted in accordance with Scotiabank’s values and Code of Conduct and are in compliance with governing regulation and internal policies, procedures, and standards. Reporting Relationships Primary Manager: (include secondary Manager if applicable) • L8 Senior Manager, Incident Management Direct Reports: Note: While this is an individual contributor role, it does provide mentorship for newer team members. Dimensions • Responding to significant disruptive events in direct partnership with peers across Fraud Threat Management as well as those in Crisis Management, Cybersecurity Operations, Corporate Security, Privacy, Legal, and Global Incident Management. • The team is expected to triage ~1,096 events and 37 incidents annually, manage an inventory of 29 problems by the end of 2024, and reduce average gross annual incident related losses from $20MM to $4MM by 2027. • Ability to operate & prioritize under pressure in a changing environment. • Brings to the role personal presence, confidence, and ability to operate with the highest level of discretion and confidentiality. • Flexible and creative thinker with the ability to define business tradeoffs, generate out-of-the-box solutions and manage uncertainty; proactively identify and solve complex problems impacting management and business direction. Education / Experience • English B2+ conversational level • At least one (1) years of hands-on experience within a cyber-fraud or security incident management role. • Demonstrated knowledge in one or more of: incident management, threat-intelligence, and customer identity & access management (CIAM). • Relevant cybersecurity industry certifications are an asset (ex. Security+, CISSP, CISM, CISA, GCIH, ITCA, etc.). • Other relevant certifications are an asset (ex. CFE, CIPP/C, ITIL, etc.). • Bachelor’s degree in computer science, cybersecurity, or similar is an asset. • Bilingual in English is an asset. Working Conditions • Work in a standard office-based environment; non-standard hours are a common occurrence including on-call incident management support. • Some global travel may be required. Ubicación(s): Colombia : Bogota : Bogota ScotiaGBS forma parte del grupo de empresas de Scotiabank ubicado en Bogotá, Colombia, y fue creado para apoyar diversos procesos del Banco y el desarrollo y ejecución de su estrategia global de servicios en 15 países de las Américas. Está compuesto por 7 unidades de servicio. Ofrecemos un ambiente de trabajo inclusivo y positivo, además de ventajas competitivas. En ScotiaGBS, valoramos las habilidades y experiencias únicas que cada persona aporta al Banco y nos hemos comprometido a crear y mantener un entorno inclusivo y accesible para todos. Los candidatos deben postularse directamente en línea si desean ser tomados en cuenta para este puesto. Agradecemos a todos los candidatos por su interés en esta oportunidad profesional en ScotiaGBS; sin embargo, solo contactaremos a quienes hayan sido seleccionados para una entrevista.