Appsec and Cnapp Operation Specialist

Requisition ID: 230784 Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture. **The Team**: **The Role**: The incumbent is responsible for supporting the Senior Lead, Senior Manager, Director, CIO and CISO in achieving enterprise security strategic goals through various processes, including: - Develop and/or enhance the strategies and processes to identify, analyze, and communicate AppSec and CNAPP vulnerabilities as per the CISO Directives, technical standards and published communication process flows. - Develop and/or enhance reporting to development teams and all levels of management to provide proper tracking and measurement of remediation relative to established objectives. **Is this role right for you? In this role, you will**: - Design and deliver clear, actionable security communications in a timely manner tailored to technical and non-technical audiences to accelerate remediation efforts. Use data visualization and story-telling techniques to highlight risk and urgency. - Contribute to the success of our cloud transformation by supporting the Review and Triage of the findings flagged by AppSec and CNAPP. - Create standardized workflows and documentation to ensure consistent identification and triage. Integrate feedback into updated processes, training, and tooling. Build and maintain dashboards to provide visibility into vulnerability status, remediation trends, and other KPIs. - Recommend, design, assess, implement, deploy and maintain AppSec and CNAPP controls required to protect Scotiabank and its customers. - Support the deployment and configuration of AppSec and CNAPP tools, monitor control effectiveness, and customize reporting formats and frequency to meet the needs of diverse stakeholders, from engineers to executives. - Responsible for adherence to an established process flow that ensures development support teams, infrastructure support teams, and business risk owners implement control measures that effectively mitigate or eliminate the identified risk. - Guiding and tracking stakeholders through the risk mitigation process to ensure closure of identified risks. As well, maintain detailed audit trails and documentation to support compliance and governance requirements. - Understand how the Bank’s risk appetite and risk culture should be considered in day-to-day activities and decisions. **Do you have the skills that will enable you to succeed in this role? We'd love to work with you if you have**: - 5+ years’ experience with documenting process, procedure, user guides and portals. - 3+ years’ experience with Microsoft Power Platform (PowerBI, PowerApps, Power Automate) SQL Server, M365, Azure Pipelines - 2+ years’ experience with Cloud Security domains like CNAPP, CWPP, CSPM and/or tools like SCCE, CrowdStrike, Prisma Cloud, Aqua Enterprise, MS Defender etc. - 2+ years’ experience with popular CI/CD tools and processes like BitBucket/GitHub, Jfrog Artifactory, Jenkins, Azure DevOps, GitLab CI/CD, CircleCI. **Soft Skills**: - Flexible and resilient under shifting priorities. - Rapidly adapts to new tools, systems, environments, and priorities. - Demonstrates excellent communication and technical support capabilities for efficiently triaging and analyzing issues impacting development teams. - Demonstrates strong collaboration skills in aligning with stakeholders to achieve shared outcomes - Undergraduate degree or comparable work experience **What's in it for you?** - Diversity, Equity, Inclusion & Allyship - We strive to create an inclusive culture where every employee is empowered to reach their fullest potential, respected for who they are, and are embraced through bias-free practices and inclusive values across Scotiabank. We embrace diversity and provide opportunities for all employee to learn, grow & participate through our various Employee Resource Groups (ERGs) that span across diverse gender identities, ethnicity, race, age, ability & veterans. - Accessibility and Workplace Accommodations - We value the unique skills and experiences each individual brings to the Bank and are committed to creating and maintaining an inclusive and accessible environment for everyone. Scotiabank continues to locate, remove and prevent barriers so that we can build a diverse and inclusive environment while meeting accessibility requirements. - Upskilling through online courses, cross-functional development opportunities, and tuition assistance. - Competitive Rewards program including bonus, flexible vacation, personal, sick days and benefits will start on day one. - Community Engagement - no matter where you choose to work from; we offer opportunities for community engagement & belonging with our various programs such as hackathons, contests, Humans of Digital and much more Location(s): Canada : Ontario : Toronto Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and