Director Security Incident Management

Requisition ID: 212647

Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.

Reporting to the _Global Head of Cyberoperations Monitoring & Response_, the _Director of Cybersecurity Incident Management & Response _is responsible for managing a team of professionals that oversee cyber security incident response practices throughout Scotiabank globally. The _Director of Cybersecurity Incident Management & Response _governs the adherence to enterprise frameworks for executing cyber security incident response plans including root case investigation, threat containment and remediation activities. The _Director of Cybersecurity Incident Management & Response _effectively collaborates with key stakeholders globally to develop, implement, and integrate cyber security incident response capabilities throughout the Bank.

**Is this role right for you? In this Role, you will**:

- Leads and drives a customer focused culture throughout their team to deepen client relationships and leverage broader Bank relationships, systems and knowledge.
- Understand how the Bank’s risk appetite and risk culture should be considered in day-to-day activities and decisions.
- Creates an environment in which his/her team pursues effective and efficient operations of his/her respective areas, while ensuring the adequacy, adherence to and effectiveness of day-to-day business controls to meet obligations with respect to operational risk, regulatory compliance risk, AML/ATF risk and conduct risk, including but not limited to responsibilities under the Operational Risk Management Framework, Regulatory Compliance Risk Management Framework, AML/ATF Global Handbook and the Guidelines for Business Conduct.
- Builds a high-performance environment and implements a people strategy that attracts, retains, develops, and motivates their team by fostering an inclusive work environment and using a coaching mindset and behaviors; communicating vison/values/business strategy; managing succession and development planning for the team.
- Provide advisory services to enhance Information and Cyber Security engagements.
- Translate complex technical problems into terms and processes that support the functional goals, strategic initiatives, and business alignment of a dynamic growth company.
- Continue to improve processes including feedback to areas under review regarding control issues.
- Manage and facilitate the execution of the Bank’s enterprise cyber security incident management plan (e.g. CIRT) and associated playbooks.
- Manage the creation, publication, and maintenance of technical documentation for responding to cyber security incidents globally.
- Oversee the onboarding of cyber security monitoring capabilities including approving use case development, facilitating control tuning, participating in simulation and training exercises, and providing cross-functional training.
- Coordinate with internal and external stakeholders and partners to maintain strategic relationships for delivery of enterprise operational services.
- Ensure that proper chain of custody is maintained and that all evidence management techniques and methods are executed in a forensically sound manner consistent with proven industry standards.

**Do you have the skills that will enable you to succeed in this role?**
- High level of customer service and communication required with clients globally; including C-Suite, internal and external Legal Counsels, Regulators, and Law Enforcement
- Strong approach to critical thinking, analytics, problem solving, creativity & detail oriented.
- Must be able to work extremely well under pressure while maintaining a high level of professionalism is critical.
- Proficiency in technical writing & communication for a business audience in English.
- Experience conducting incident response and technical investigations on various operating systems using industry standards incident response and security technologies (e.g. endpoint protection, data loss prevention, security information and event management, digital forensics).
- Working knowledge of protocols, technologies, and environments including but are not limited to: TCP/IP, SQL, Windows Server, Linux, Unix, IIS & STB client technologies
- Excellent communication skills: Ability to clearly articulate and visually present complex technical information and analysis results into concise business reports for the intended audience; communicating and explaining effectively incident response findings in layman’s terms
- Ability to work both independently, within a team, and the ability to gain the trust of legal and business stakeholders to achieve a desired objective
- +6 years of current and working knowledge in all aspects of incident response, information or cyber security, or related field; or a Bachelor's degree in an approved field from an accredited university and a minimum of +10 years of documented and relevant experience.
- Professional certific