Senior Lead, Cloud Security Platform Solutions, Toronto

Senior Lead, Cloud Security Platform Solutions Requisition ID: 260539

Join a purpose driven winning team, committed to results, in an inclusive and high‑performing culture.

Scotiabank continues to be an industry leader for Payments technology and innovation. We leverage new tools to enable new experiences for our customers while protecting their interests and goals, and we are modernizing our payments programs to offer enriched information and transparency to support the rapidly evolving payments community.

Role Description

Scotiabank’s Cloud Security Advisory Services team provides advisory services to business lines, subsidiaries and affiliates, enabling the Bank’s Information Security as it moves to the Public Cloud.

Responsibilities

Provide guidance to business lines to ensure design, development and implementation of complex cloud projects comply with the Bank’s Information Security Standards and industry regulations.

Support multiple security domains (Application Security, Data Protection, Cloud Security Engineering, Identity&Access Management, Cloud Security Architecture, Network Security, Risk Management) and apply Zero Trust Architecture principles.

Design and implement security controls for cloud‑based applications and infrastructure.

Develop and enforce security patterns, policies, standards and procedures to protect the integrity, availability and confidentiality of the organization’s cloud infrastructure.

Integrate security tools and practices into the DevOps pipeline to ensure continuous delivery without compromising security.

Conduct security reviews of cloud‑native applications and platforms, identifying vulnerabilities and providing remediation strategies.

Assist in implementing and managing security monitoring tools to detect threats, anomalies and potential security incidents in cloud environments.

Collaborate with the incident response team to ensure cloud‑specific threats are addressed and mitigated.

Conduct regular security assessments, review vulnerability scans and penetration testing reports of cloud applications and platforms.

Coordinate with DevOps and IT teams to apply necessary patches and security updates across cloud infrastructure.

Ensure cloud security solutions align with industry regulations and organizational compliance requirements.

Manage the audit process for cloud security, responding to compliance assessments and third‑party audits.

Evaluate new cloud security controls, technologies, tools and processes to enhance the organization’s security posture.

Stay informed and well versed on financial industry regulations in different regions based on practical experience.

Qualifications

Post‑secondary education in Computer Science or related field.

At least 5 years of hands‑on technical experience performing security assessments on cloud platforms, CI/CD deployment pipelines, network infrastructure and complex applications.

At least 6 years of experience in security solution architecture, software development or implementation of cloud environments and security controls.

Strong communicator capable of creating clear documentation.

Solid knowledge of cloud technologies and cloud security (GCP, Azure or AWS, Kubernetes, IAM, CI/CD pipelines, Terraform, infrastructure as code).

Experience with GCP and Kubernetes is a strong asset.

Experience with tools used to secure cloud deployments such as CNAPP, CSPM, CWPP, etc.

Cloud security engineering or cloud solution architecture certifications from Google, Microsoft or AWS.

Experience with industry‑leading productivity tools to produce quantitative/qualitative reports, data flow diagrams and visual presentations.

Certifications such as CISSP, CISM, CCSP, CRISC are nice to have.

Familiarity with standards and frameworks (NIST 800‑53, ISO 27001/27002/27017/27018, PCI DSS, CIS).

Advanced communication skills in English; knowledge of Spanish is an asset.

What You’ll Bring

Strong experience leading complex projects and providing security advice to mitigate information security risks.

Ability to solution multiple security domains and think systematically about Zero Trust.

Proficiency in reviewing architecture and solution design documentation and assessing potential risks.

Passion for new technologies and implementing security controls to protect them.

Comfort working on projects of varying complexity.

Collaborative mindset working with business lines, IT support, and IS&C Control functions.

Benefits

Join a team focused on building cloud platforms as products, enabling delivery teams across the enterprise.

Diversity, Equity, Inclusion&Allyship: inclusive culture, respectful of all identities, and support through ERGs.

Accessibility and Workplace Accommodations: commitment to removing barriers and meeting accessibility requirements.

Upskilling through online courses, cross‑functional development opportunities, and tuition assistance.

Competitive Rewards program including bonus, flexible vacation, personal, sick days and benefits from day one.

Community Engagement opportunities across programs.

Location: Canada, Ontario, Toronto

#J-18808-Ljbffr