Senior Cybersecurity Investigator, Cybersecurity Monitoring & Triage

Title: Senior Cybersecurity Investigator, Cybersecurity Monitoring & Triage Requisition ID: 258964

Purpose Reporting to the Senior Manager, Monitoring and Triage team, the Team Lead is responsible for leading investigators in reviewing, assessing, and investigating network and data security events. They work with the team to take actions against various network and data security use‑cases while coordinating key programs that impact all divisions within the Cybersecurity Operations (CSOps) organization and all of Information Security & Controls (IS&C).

What You’ll Do

Lead and drive a customer focused culture throughout the team to deepen client relationships and leverage broader Bank relationships, systems and knowledge.

Conduct real‑time triage, analysis and aggregation of security events and logs from the SIEM and controls such as the IDS, firewall, and anti‑malware.

Analyze and interpret data from multiple sources, document the results and provide meaningful analysis reports and briefings.

Track repetitive or noisy alerts and identify tuning opportunities.

Use industry leading productivity tools to produce quantitative/qualitative reports, data flow diagrams and visual presentations.

Maintain continuous SOC readiness by managing shift coverage, handovers, and escalation continuity.

Understand how the Bank’s risk appetite and risk culture should be considered in day‑to‑day activities and decisions.

Is this role right for you?

Passionate about utilizing technical knowledge to perform cybersecurity investigations using various analytical methods and technologies.

Thrives in using different solutions to enhance the company’s global security monitoring.

Excels in using available intrusion detection infrastructure to detect and remediate threats.

Enjoys investigating and reviewing suspicious activities reported by customers or other employees of the bank.

Enjoys taking part in initiatives to contribute to the strategic direction for security related technologies or other controls that need to be put in place to reduce the threat levels to the company.

Thrives in effectively breaking down complex technology knowledge & communicating the same to non‑technical people.

What You’ll Bring

Advanced communication (verbal/written/presentation) skills in English. Proficiency in Spanish is a strong asset.

At least one year of hands‑on technical working experience in performing any of network security, information security, network and IT support or any other related fields.

Developed capabilities in prioritizing and completing assigned tasks in a timely manner and providing oversight and training to other less experienced team members.

Based on the results of investigations, able to determine escalation path and engage other teams involved in the investigation.

Working knowledge of various network principles, cybersecurity concepts, investigation procedures, and adversary techniques.

Strong analytical and problem‑resolution skills.

Experience with 24/7 split shifts monitoring team in a rotational basis.

Ability to conduct investigations across multiple security technologies.

Post‑secondary education in Computer Science or a related field.

Certifications such as GSEC, CompTIA Security+, CCNA, CompTIA Networking+, ITIL, CEH, and OSCP are nice to have.

Working Conditions Work in standard office‑based environments located in Scarborough and Downtown Toronto; non‑standard hours are a common occurrence. No external travel required.

What's in it for you

Part of a global information security team supporting various business lines.

Opportunity to work on various applications and complex projects.

Primary office in Scarborough is newly renovated with a design focus on enabling collaboration.

Role is in person.

Onsite cafeteria and complimentary hot beverage stations.

Minutes by TTC bus from Warden subway station on Line 2.

Free employee shuttle service connecting the IT campus with nearby GO stations.

Free onsite & offsite employee parking with charging stations for electric vehicles onsite.

Comfortable dress code.

Tools and technology to create customer experiences.

Inclusive and collaborative working environment encouraging creativity and success.

Work with and learn from diverse industry leaders.

Innovation and continuous learning environment.

Competitive total rewards package, including performance bonus, company matching pension & employee share ownership, generous vacation; health/medical/wellness benefits; employee banking privileges.

Location Canada : Ontario : Toronto

At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know.

Candidates must apply directly online to be considered for this role.

#J-18808-Ljbffr