Cybersecurity Investigator

The Team

As part of Scotiabank's Cybersecurity Operations Centre (CSOC), the Cybersecurity Investigator contributes to the overall success of the Cybersecurity / CMR Globally, ensuring specific individual goals, plans, and initiatives are executed and delivered in support of the team’s business strategies and objectives. This role ensures all activities conducted are in compliance with governing regulations, internal policies, and procedures.

The Role

This role champions a customer-focused culture to deepen client relationships and leverage broader Bank relationships, systems, and knowledge. Key responsibilities include:

• Monitoring all alerts received through various intake channels: CSS Hotline, Siem, CSS Mailbox, and internal reporting.
• Performing thorough investigations, creating well-documented cases, and gathering all evidence to support findings.
• Participating in rotational on-call schedules (primary or secondary) to attend/receive calls through the CSOC Hotline during day, night, and weekends.
• Determining the appropriate escalation path and engaging other teams based on investigation results.

Is this role right for you?

You will thrive in this role if you are:

• Passionate about utilizing technical knowledge to perform cybersecurity investigations using various analytical methods and technologies.
• Eager to use different solutions to enhance the company’s global security monitoring.
• Skilled in using available intrusion detection infrastructure to detect and remediate threats.
• Enjoy investigating and reviewing suspicious activities reported by customers or other bank employees.
• Interested in taking part in initiatives to contribute to the strategic direction for security-related technologies or controls to reduce threat levels.
• Adept at effectively breaking down complex technology knowledge and communicating it to non-technical people.

Skills

To succeed as a Cybersecurity Investigator, we are looking for candidates with:

• Advanced communication skills (verbal, written, presentation) in English. Spanish is a strong asset.
• At least 1 year of hands-on technical working experience in network security, information security, network and IT support, or related fields.
• Developed capabilities in prioritizing and completing assigned tasks in a timely manner, and providing oversight and training to less experienced team members.
• Working knowledge of various network principles, cybersecurity concepts, investigation procedures, and adversary techniques.
• Strong analytical and problem-resolution skills.
• Availability for 24/7 split shifts within a monitoring team on a rotational basis.
• Demonstrated ability to conduct investigations across multiple security technologies.
• Post-secondary education in Computer Science or a related field.
• Certifications such as GSEC, CompTIA Security+, CCNA, CompTIA Networking+, ITIL, CEH, and OSCP are considered a strong asset.

What's in it for you?

Scotiabank offers a compelling work environment, including:

• Diversity, Equity, Inclusion & Allyship: A commitment to an inclusive culture where every employee is empowered to reach their fullest potential, respected, and embraced through bias-free practices and inclusive values. Opportunities for learning, growth, and participation through various Employee Resource Groups (ERGs).
• Accessibility and Workplace Accommodations: Valuing unique skills and experiences, committed to creating an inclusive and accessible environment for everyone, with efforts to remove and prevent barriers.
• Upskilling: Opportunities through online courses, cross-functional development, and tuition assistance.
• Competitive Rewards: Program including bonus, flexible vacation, personal, sick days, and benefits starting on day one.
• Community Engagement: Opportunities for community engagement and belonging through various programs like hackathons, contests, and Humans of Digital.

Key skills/competency

• Cybersecurity Investigations
• Security Monitoring
• Incident Response
• SIEM Management
• Network Security
• Information Security
• Threat Detection
• Analytical Skills
• Communication
• On-call Support