Purpose We are looking for a dynamic and experienced Lead Network Security Engineer to join our team. As the Lead Network Security Engineer, you will be responsible for providing technical leadership and strategic direction in the design, implementation, and management of network security solutions and platforms. You will play a pivotal role in protecting Scotiabank's network infrastructure from evolving cyber threats and ensuring the confidentiality, integrity, and availability of our systems and data. As the Lead Network Security Engineer under Security Engineering & Deployment, you will work with a diverse team, leveraging industryleading technology and processes to engineer, maintain, integrate and automate security tools and infrastructure. You will contribute to the overall success of the Network Security Engineering team with a global focus on Network Security supporting the achievement of the Banks information security objectives of integrity, confidentiality/privacy, availability, and continuity. What Youll Do - Define Network Security vision, strategy and operational policies based on industry standards and trends. Develop and implement network security strategies and procedures to mitigate risks and enhance the overall security posture of the organization. - Take technical ownership of Network Security Engineering initiatives from proposals to designs through to production implementation. - Participate in the evaluation and vendor selection process for new Network Security technologies by preparing RFPs, bid proposals, contracts, scope of work reports, and other documentation for IT projects and associated efforts. - Collaborate with crossfunctional teams to integrate security best practices into the design and implementation of new network security technologies and initiatives. - Evaluate network security resiliency and performance to provide statistical reports and enhancement recommendations to executives, stakeholders and department heads. - Assess emerging threats and vulnerabilities and recommend proactive security measures to safeguard against potential attacks. - Identify technology and security gaps, develop comprehensive mitigating strategies and contingencies. - Collaborate with Business and other technology groups to ensure that all initiatives are appropriately assessed and reviewed in terms of risk and security compliance. - Provide leadership and technical guidance through security and threat reviews. - Coordinate the review of policies and procedures to ensure compliance with disaster recovery and contingency plans. - Conduct regular security assessments and audits to identify gaps in security controls and implement remediation measures as needed. - Research, review and stay informed on newly emerging technologies. - Serve as a subject matter expert on network security technologies, trends, and industry best practices. What Youll Bring - Bachelors degree in Computer Science, Information Technology, or related field. Advanced degree or relevant certifications (e.g., CISSP, CCNP Security, CEH) preferred. - 5+ years of leadership experience with demonstrated success in implementing continuous improvement and strategic initiatives. - 8+ years of experience in network security engineering or related role planning, designing and deploying largescale enterprise or datacenter infrastructure/technologies. Indepth knowledge of network security principles, protocols, architectures and technologies. - Google/Azure Cloud Security Engineering, CISSP, CCSP experience. - Indepth working knowledge of network security principles, protocols, architectures and technologies is essential. This includes strong knowledge of industry leading technology providers within the following spaces: Network Access Control (NAC), Email Security, Network Segregation and Microsegmentation, Content Delivery Network (CDN), Zero Trust Security Architecture (ZTA) and SoftwareDefined Perimeter (SDP), Secure Access Service Edge (SASE). - Familiarity with Google and Azure cloud computing platforms and understanding of cloud security best practices. Ability to implement security controls, monitor cloud environments, and address unique security challenges in the cloud. - Experience designing and operating secured DDoSresilient infrastructures with WAF, CDNs, SLB, security gateways and content filtering. - Demonstrated excellence in documenting complex enterpriselevel systems, processes, and proactively sharing and communicating complex technical information. - Excellent knowledge of information security standards and best practices. - Excellent knowledge in overall network security assessment, penetration testing and vulnerability management. Abilities - Ability to recommend areas of operational system and process improvements. - Demonstrated excellence in documenting complex enterpriselevel systems and procedures, and proactively sharing and communicating complex technical and procedural information. - Sound understanding of general business conditions and practices with ability to think strategically and translate business requirements into effective security solutions. - Strong understanding of regulatory compliance requirements and industry standards related to network security (e.g., ISO 27001, NIST, PCI DSS). - Proficiency in conducting risk assessments, identifying vulnerabilities, and assessing the potential impact of security threats. Ability to develop risk mitigation strategies and prioritize security measures based on risk levels. - Ability to interact and effectively communicate technology concepts to senior business managers. Attributes - Proactive and resultsoriented with good time management skills, and ability to work well under pressure and focus on multiple priorities concurrently. - Commitment to staying updated with the latest cybersecurity trends, technologies, and best practices. Ability to adapt to evolving security threats and technological advancements to continuously improve network security posture. - Excellent communication skills to convey complex technical concepts to nontechnical stakeholders. Ability to engage with business leaders, IT teams, and external partners to articulate security risks, requirements, and solutions. - Excellent organizational, interpersonal and presentation skills. - Very handson person, who embraces new technologies and concepts. Working Conditions Work in standard officebased environments located in Scarborough and Downtown Toronto; nonstandard hours are a common occurrence. No external travel required. Whats in it for you? - Diversity, Equity, Inclusion & Allyship We strive to create an inclusive culture where every employee is empowered to reach their fullest potential, respected for who they are, and embraced through biasfree practices and inclusive values across Scotiabank. We provide opportunities for all employees to learn, grow, and participate through our Employee Resource Groups (ERGs) that span diverse gender identities, ethnicity, race, age, ability, and veterans. - Accessibility and Workplace Accommodations We value the unique skills and experiences each individual brings and are committed to creating and maintaining an inclusive and accessible environment for everyone. - Upskilling through online courses, crossfunctional development opportunities, and tuition assistance. - Competitive rewards program including bonus, flexible vacation, personal, sick days, and benefits starting on day one. - Community Engagement We offer opportunities for community engagement and belonging with our various programs. Location(s): Canada : Ontario : Toronto #J-18808-Ljbffr
Job Title
Lead, Network Security Engineer