30 may
|
Scotiabank
|
Bogotá
Postúlate en Kit Empleo: kitempleo.com.co/empleo/1b1oiq
Purpose
In the role of Incident Manager, you're responsible for responding to account-level threats and attacks at scale.
This includes incident triage, threat‐actor journey mapping, containment, remediation, and identification of root cause contributors.
You regularly connect with your colleagues across Fraud Threat Management to ensure ongoing situational awareness across the team.
You're calm under pressure and draw on your years of experience and knowledge of industry best practice to inspire confidence with stakeholders across the Bank as you keep our customers and the Bank safe.
Accountabilities
Respond to account-level attacks targeting any of Scotiabank's products and digital properties in Canada, regularly reviewing and incorporating lessons learned.
Produce and provide timely incident communications for a variety of audiences in accordance with the incident management protocol, incident communication matrix, and associated playbooks to ensure awareness and appropriate levels of engagement as part of response activities.
Provide guidance and recommendations to your leadership, peers, and stakeholders across the team to support effective decision‐making during incident response, post‐incident, and prevention phases.
Identify systemic issues, reoccurring problems, and identified threats/vulnerabilities to our Fraud Problem Management function, ensuring these and other root‐cause contributors are captured within post‐incident reviews.
Act as an SME resource to our Fraud Problem Management team to support appropriate and effective resolutions for identified problems.
Work to maintain and exceed established incident management KPIs including mean‐time‐to‐detect (MTTD), mean‐time‐to‐containment (MTTC), and mean‐time‐to‐remediation (MTTR) as measured by event type and severity.
Identify and recommend changes to cyber‐fraud monitoring and alerts that you and your colleagues receive to ensure ongoing improvements to our early‐detection efforts.
Provide mentorship and coaching to new members of the team to ensure adherence to our incident protocol, incident communication matrix, service‐level commitments, and all associated playbooks.
Regularly recognize and reinforce high‐quality work and behaviors of your peers and others within the Bank that contribute to the success of our mission.
Based on lessons learned during incident response, identify suggested changes to our comprehensive incident management playbooks outlining processes, tools, data, and technology requirements, as well as communications protocols and cross‐functional interaction models with key internal partners (ex. IS&C;, Crisis Management, Corporate Security, and technology).
Engage with vendors supporting our team with cyber‐fraud incident response and red‐teaming.
Maintain ongoing awareness of the cyber‐fraud threat landscape, including through certification, continuing professional education (CPE), industry group participation, threat intelligence feeds, and direct research.
Deliver training within Fraud Management teams and business lines to increase their preparation for, and ability to manage potential incidents that may impact their operations and customers.
Understand and apply the Bank's risk appetite and risk culture for day‐to‐day activities and decisions.
Contribute to the overall success of the Global Fraud Management function,
ensuring specific individual goals, plans and initiatives are delivered in support of the team's business strategies and objectives.
Ensure all activities are conducted in accordance with Scotiabank's values, Code of Conduct, and are in compliance with governing regulation and internal policies, procedures, and standards.
Dimensions
Lead incidents in response to significant disruptive events in direct partnership with peers across Crisis Management, Cybersecurity Operations, Corporate Security, Privacy, Legal, and Global Incident Management.
Operate and prioritize under pressure with minimal direction in a changing environment.
Bring personal presence, confidence, and ability to operate with the highest level of discretion and confidentiality.
Be a adaptable and creative thinker with the ability to define business tradeoffs, generate out‐of‐the‐box solutions, and manage uncertainty; proactively identify and solve complex problems impacting management and business direction.
Education / Experience / Other Information
3+ years working in a cyber‐fraud or security incident management role.
One or more relevant cybersecurity industry certifications (ex. CISSP, CISM, CISA, GCIH, ITCA, etc.).
Demonstrated knowledge of incident management, threat‐intelligence, and customer identity & access management (CIAM).
Knowledge of relevant Canadian regulatory bodies.
Other relevant certifications are an asset (ex. CFE, CIPP/C, ITIL, etc.).
Bachelor's degree in computer science, cybersecurity, or similar is an asset.
Bilingual in Spanish is an asset.
Reporting Relationships
Primary Manager: L8 Senior Manager, Incident Management
Direct Reports: None (individual contributor, but provides mentorship for newer team members)
Location
Colombia: Bogota
#J-*****-Ljbffr
Postúlate en Kit Empleo: kitempleo.com.co/empleo/1b1oiq
📌 Incident Manager (Bogotá)
🏢 Scotiabank
📍 Bogotá