Information Risk and Security Engineer
2 weeks ago
Requisition ID: 211887
Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.
Cryptographic Operations is a unit within Scotiabank’s Information Security & Control (IS&C) that provides services including HSM engineering, key and secret management, certificate management, etc. The team has enterprise-wide accountability and is highly supportive of the Bank’s business, safeguarding and running some of the bank's Critical Information Assets. Strong investments have been focused on automation and research into industry-leading cryptographic tools to meet Technology Enabler initiatives such as Improving Productivity and Modernizing to Win enabling the Bank to safely conduct business transactions in high-risk environments.
Key Accountabilities for Information Security Engineer:
- Deliver Cryptographic HSM solutions and services across the enterprise by partnering with internal and external stakeholders.
- Provides second-line support of HSM and Key Management technologies, participating in the team’s 24/7 standby schedule.
- Actively reviews and actions requirements for patching, maintaining to supportable HW and SW versions, currency lifecycle management inclusive of obsolescence planning, service ownership, reporting and resolving of Audit findings.
- Responsible for creation of new and upkeep of all HSM inventories, documentation, knowledge base and checklist.
- Participate in HSM incident response investigations and escalations on HSM infrastructure, cross functionally with other teams to deliver best in class service and operational effectiveness and efficiency.
- When required, attending and participating onsite with audited key ceremonies at the Crypto Production Center located in Scarborough ON.
- Champions a customer focused culture to deepen client relationships and leverage broader Bank relationships, systems and knowledge.
- Champions a high-performance environment and embracing Scotiabank’s values and contributing to an inclusive work environment.
- Participates in project activities for critical applications requiring managed cryptographic keys and integration with secure key storage solutions.
- Accountable for managing day 2 intake by reviewing, assessing, and delivering.
Qualifications:
Must Have:
- Strong knowledge in server administration (Linux, and Windows).
- Related University degree or college diploma (computer science, engineering, and other related majors) and a minimum of three (3) years equivalent security industry-related experience.
- Must have the ability to generate reports and tailor communication strategies for various levels of technical staff and executive management.
- Good communication and support skills for triaging and resolving technical issues.
- Demonstrable knowledge about cryptography and network security.
Nice to have:
- HSM experience with strong knowledge in implementation (installation, configuration, integration) and enterprise grade application support.
- Expertise and experience with General and Payment grade HSM technology e.g. Thales Luna, Atalla, Futurex, nShield, & Marvell Liquid Security.
- Knowledge and experience with Service NOW and ITIL processes, incident response.
- IT standards, methodologies, key management regulations, and audit requirements.
- Proven security and risk awareness i.e. CISSP or any other security designations would be an asset.
- Software development and scripting experience.
Location(s): Canada : Ontario : Toronto
Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.
At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation during the recruitment and selection process, please let our Recruitment team know. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.
#J-18808-Ljbffr-
Candiac, Canada Manulife Full timeDirector, Information Security and Risk ManagementManulife is a leading financial services group. We provide financial advice, insurance, as well as wealth and asset management solutions for individuals, groups and institutions.This role offers the opportunity to lead our information security and risk management efforts as the Director of Information...
-
Candiac, Canada GeoComply Full timeh3>GeoComplyGeoComply provides geolocation compliance, fraud prevention, and cybersecurity solutions that detect location fraud and verify a customer’s true digital identity.At the heart of it all is the people, united by a deep commitment to problem-solving and revolutionizing how people and businesses use the internet to instill confidence in every...
-
Risk Management Specialist
2 weeks ago
Candiac, Quebec, Canada CIBC Full timeSecurity Expertise in DemandCIBC seeks a skilled Risk Management Specialist to join our growing information security group. In this role, you will conduct third-party due diligence assessments to identify potential risks and provide recommendations for enhancing our information security landscape.As a seasoned professional in Information Security, you will...
-
Strategic Information Security Leader
4 weeks ago
Candiac, Quebec, Canada Manulife Full timeDirector, Information Security and Risk ManagementWe are a leading financial services group providing comprehensive solutions for individuals, groups, and institutions.This role offers the opportunity to lead our information security and risk management efforts as the Director of Information Security and Risk Management. By developing and implementing a...
-
Candiac, Quebec, Canada Manulife Full timeJob OverviewWe are seeking a seasoned Cyber Security and Risk Management Director to lead our organization's information security strategies. This pivotal role demands expertise in risk management, cybersecurity, and compliance to drive continuous improvement in our security practices.
-
Senior DevOps Engineer for Cloud Security
2 days ago
Candiac, Quebec, Canada Security Compass Full timeWe are seeking a skilled Senior DevOps Software Engineer to join our team at Security Compass. The ideal candidate will take ownership of deployment, scaling, automation, and configuration management, while bridging development, operations, and Linux systems programming to lead initiatives.Key Responsibilities:Collaborate with an experienced team in the...
-
Risk Management Leader
4 weeks ago
Candiac, Quebec, Canada Manulife Full timeDirector of IRM Assurance COE ExecutionManulife, a leading financial services group, offers an exciting opportunity for a Director of IRM Assurance COE Execution. This role provides strategic leadership and oversight of risk management activities within the organization.About the Role:This position ensures that risk is managed effectively by executing 2nd...
-
Cloud Engineering Lead for Secure Applications
4 weeks ago
Candiac, Quebec, Canada Security Compass Full timeSecure Your Future with UsSector: CybersecurityAbout the Role:We are seeking a seasoned Cloud Engineering Lead to spearhead the deployment and management of our flagship product SD Elements on Kubernetes for enterprise customers. As a key member of our Engineering Operations department, you will be responsible for designing, implementing, and maintaining...
-
Information Technology Risk Manager
2 weeks ago
Candiac, Canada RBC Full timeAre you a talented, creative and results-driven professional who thrives on delivering high-performing applications? Come join us!Global Functions Technology (GFT) is part of RBC’s Technology and Operations division. GFT’s impact is far-reaching as we collaborate with partners from across the company to deliver innovative and transformative IT solutions....
-
Director, Cyber Security and Risk Management
3 weeks ago
Candiac, Canada Manulife Full timeDirector Strategy Information Security and Risk ManagementManulife is a leading financial services group. We provide financial advice, insurance, as well as wealth and asset management solutions for individuals, groups and institutions.This role offers an exceptional opportunity to lead and shape our information security and risk management strategies as the...
-
Chief Security Officer
2 days ago
Candiac, Quebec, Canada GeoComply Full timeGeoComply, a leading provider of geolocation compliance and cybersecurity solutions, is seeking an experienced Chief Information Security Officer (CISO) to join its team.About GeoComplyWe're a technology company at the forefront of geolocation, cybersecurity, and anti-fraud innovation. Our mission is to help ensure regulatory compliance, combat bad online...
-
Candiac, Quebec, Canada Manulife Full timeCompany Overview:Manulife is a leading financial services group providing comprehensive financial advice, insurance, and wealth management solutions. Our mission is to maintain a secure and compliant IT environment.We're seeking a seasoned information security professional to lead our risk management efforts as the Director of Information Security and Risk...
-
Senior DevOps Software Engineer
1 month ago
Candiac, Quebec, Canada Security Compass Full timeTransformative Solutions with Security CompassWe at Security Compass are pioneers in creating a secure digital landscape where technology and trust coexist harmoniously. Our mission is to empower organizations to build robust cybersecurity solutions without hindering business growth.This is where you come in – as a Senior DevOps Software Engineer, you will...
-
Risk Management Specialist, IT Security
4 weeks ago
Candiac, Quebec, Canada Manulife Full timeAbout the RoleManulife is a leading financial services group that offers a wide range of solutions for individuals, groups, and institutions. As a Manager, Risk Management, you will be part of the Vendor Information Risk Management team.Key ResponsibilitiesConduct information security risk assessments for new and existing vendors, reviewing IT Controls,...
-
Information Security Junior Consultant
2 weeks ago
Candiac, Canada CIBC Full timeh3>Senior Information Security Risk AdvisorCIBC - Bank on your terms with CIBC – whether it’s in person, over the phone or online, CIBC has you covered.We’re building a relationship-oriented bank for the modern world. p>What you’ll be doingYou are passionate about information security and risk advisory services and want to join our growing...
-
Senior DevOps Software Engineer
1 month ago
Candiac, Canada Security Compass Full timeSecurity Compass Security Compass is a cybersecurity company that helps our customers proactively manage cybersecurity risk, without slowing down business.We at Security Compass are on a mission to create a world where we can trust technology by enabling organizations to shift left and build secure applications by design. Our flagship product, SD Elements,...
-
Cloud Automation Engineer
2 weeks ago
Candiac, Quebec, Canada Security Compass Full timeSecurity Compass is a pioneering cybersecurity company that empowers organizations to proactively manage risk without compromising business velocity.We are on a mission to create a world where technology can be trusted, and we enable organizations to shift left and build secure applications by design. Our flagship product, SD Elements, automates threat...
-
Candiac, Quebec, Canada RBC Full timeJob OverviewIn this challenging role, you will be responsible for managing multiple priorities in a fast-paced environment while identifying, de-escalating, and managing actual or perceived conflict among your team or with stakeholders.About the RoleYou will lead teams to perform control testing that evaluates the design and operating effectiveness of IT key...
-
Cybersecurity Risk Consultant
2 weeks ago
Candiac, Quebec, Canada Aviva Full timeAvivaOur global corporate website for investors, shareholders, career seekers, the media and individuals interested in our social responsibility.The Senior Cybersecurity Risk Consultant plays a vital role in maintaining risks and controls with Aviva Group Cybersecurity standards and policies and reducing operational risks to Aviva. This position provides...
-
Cloud Security Architect and Risk Manager
4 weeks ago
Candiac, Quebec, Canada Scotiabank Full timeThe Director, Cloud Security will lead and oversee Cloud Security within Global Risk Management globally ensuring business strategies, plans and initiatives are executed and delivered in compliance with governing regulations, internal policies, procedures with an understanding of industry frameworks/regulations/standards like CSA STAR, ISO, NIST, OWASP, OSFI...
