Senior Analyst, Vulnerability Management Operations Reporting

Requisition ID: 196343Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.

As part of the Vulnerability Management team, you will assist in managing and reporting the remediation of application & systems to bring them into compliance with Bank & Industry Security Standards. This position will work with assessors to develop remediation plans, collect relevant artifacts that demonstrate compliance and work with system and application teams to remediate findings. The Vulnerability Management Reporting Analyst will work closely with all areas of security, business technology and associated business partners.

This individual will work closely with all areas of the business and technology including, infrastructure, engineering, architecture, operations and application teams.

Is this role right for you?

• The candidate must have an understanding of vulnerability management and patch management processes.
• This role will work with application, infrastructure, and governance teams to inform them of discovered vulnerability and compliance issues.
• The candidate needs to be able to recognize obstacles that may derail progress and take the necessary steps to eliminate those obstacles and/or escalate appropriately.
• The candidate must be able to identify what information must be gathered to validate findings and remediation efforts.
• Provide security expertise as requested and clearly communicate status and concerns to all levels of management.
• Maintain accurate information in the teams tracking tool and support departmental metrics and KRI reporting.
• Generate on demand and scheduled reporting.
• Leverage security expertise to contribute to program enhancement and continuous improvement efforts, and other team activities.
• Identify areas that can be automated and streamlined and develop new processes to make processes more efficient.

Do you have the skills that will enable you to succeed in this role?

• You possess advanced communication (verbal/written/presentation) skills in English. The same in Spanish is a strong asset.
• You have a Bachelor’s Degree or 2+ years’ experience in information security, risk management, business analytics or information technology
• You have knowledge of how common software and web application vulnerabilities are disclosed and tracked by standards groups and application vendors.
• You have used industry leading productivity tools to produce quantitative/qualitative reports, data flow diagrams & visual presentations.
• You have experience with automation using Python and Rest APIs
• Security certification(s) (e.g. CISSP, CISM, CCSP, CRISC etc.) would be an asset(s).

What's in it for you?

• Diversity, Equity, Inclusion & Allyship - We strive to create an inclusive culture where every employee is empowered to reach their fullest potential, respected for who they are, and are embraced through bias-free practices and inclusive values across Scotiabank. We embrace diversity and provide opportunities for all employee to learn, grow & participate through our various Employee Resource Groups (ERGs) that span across diverse gender identities, ethnicity, race, age, ability & veterans.
• Accessibility and Workplace Accommodations - We value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. Scotiabank continues to locate, remove and prevent barriers so that we can build a diverse and inclusive environment while meeting accessibility requirements.  
• Upskilling through online courses, cross-functional development opportunities, and tuition assistance. 
• Competitive Rewards program including bonus, flexible vacation, personal, sick days and benefits will start on day one.
• Dynamic Ecosystem - Free tea & coffee, universal washrooms, and lots of space for team collaboration.

Location(s): Canada : Ontario : Toronto Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets. At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.