Incident Responder (Fraud Threat Management)
Scotiabank
- Toronto, ON
- Permanent
- Full-time
- Respond to account-level attacks targeting any of Scotiabank's products and digital properties in Canada in accordance with our incident protocol, incident communication matrix, service-level commitments, and all associated playbooks. Regularly review and incorporate lessons learned.
- Produce and provide timely incident communications for a variety of audiences in accordance with the incident management protocol, incident communication matrix, and associated playbooks to ensure awareness and appropriate levels of engagement as part of response activities.
- Identify systemic issues, reoccurring problems, and identified threats/vulnerabilities to our Fraud Problem Management function. Ensure these and other root cause contributors are captured within post-incident reviews.
- Work to maintain and exceed established incident management KPIs including mean-time-to-detect (MTTD), mean-time-to-containment (MTTC), mean-time-to-remediation (MTTR) as measured by event type and severity.
- Intake and triage of events to determine appropriate event type, severity, and prioritization. Provide secondary support to Incident Analysts on events that require additional review and escalation.
- Identify and recommend changes to cyber-fraud monitoring and alerts that you and your colleagues receive to ensure ongoing improvements to our early-detection efforts.
- Maintain ongoing awareness of the cyber-fraud threat landscape, including through certification, continuing professional education (CPE), industry group participation, threat intelligence feeds, and direct research. Based on lessons learned during incident response, identify suggested changes to our comprehensive incident management playbooks outlining processes, tools, data, and technology requirements, as well as communications protocols and cross-functional interaction models.
- At least one (1) years of hands-on experience within a cyber-fraud or security incident management role.
- Demonstrated knowledge in one or more of: incident management, threat-intelligence, and customer identity & access management (CIAM).
- Relevant cybersecurity industry certifications are an asset (ex. CISSP, CISM, CISA, GCIH, ITCA, etc.).
- Other relevant certifications are an asset (ex. CFE, CIPP/C, ITIL, etc.).
- Bachelor's degree in computer science, cybersecurity, or similar is an asset.
- Bilingual in Spanish is an asset.
- Continuous learning and advancement via workshops with external providers, courses, and conferences.
- Lead strategic projects with a significant impact on business line growth.
- A culture that promotes teamwork and cross-functional collaboration to achieve business goals. Inclusive workplace that values diversity of thought, background, and experience
- Opportunity to work and collaborate with teams and partners across different geographies, enriching professional experience and understanding of global payment markets.