View all jobs

Manager - Cyber Fraud Incident Management

Toronto, ON
The role of Manager, Cyber-Fraud Incident Management is responsible for cyber- fraud threat prevention, incident management and response. Serving as a key subject matter expert (SME) within the Protect Platform, this position works with a team of cyber-fraud incident specialists and managers to manage and mitigate cyber-fraud risk.
Using threat detection, analysis, correlation capabilities and tools, this role supports the development of a comprehensive picture of the short to long term cyber-fraud threat landscape and is expected to support in designing controls, practices and solutions to prevent, detect and mitigate these threats and events. This role works closely with team members across the Cyber-Fraud and broader Protect Platform team.

Responsibilities :
  •  Provide incident management response and support on a 24/7 basis (or as needed) from triage through to containment and remediation
  • Ability to provide leadership and technical guidance on related major incident conference calls
  • Lead or participate in post incident reviews to ensure continuous learning and identify recurring themes across multiple incidents that may require dedicated attention
  • Through thorough incident analysis, identify and propose solutions to reduce our attack surface and exposure to cyber-fraud incidents targeting global infrastructure including but not limited to online and mobile banking and investment, insurance, and loyalty web-applications and other customer and non customer facing platforms
  • Rapid response, analysis, recommendations associated with third-party data compromise events that have a direct effect on customer digital authentication
  • Produce and maintain incident documentation in various formats including incident chronology, stakeholder status updates, executive briefing notes, and post-incident reports
  • Act as a leader within the team and provide coaching and support to the Cyber- Fraud Analysts, ensuring quality and efficiency for event and incident activities and appropriate documentation
  • Meet with peers and the broader team on a regular basis to present results and action plans related to problem management activities and regulatory requirements
  • Facilitate meetings with and provide communications to internal business groups including CISO, Fusion, Digital, Legal, Privacy, ORM, and FRM and executives throughout incident and problem lifecycle
  • Contribute to the advancement of incident management capabilities
  • Ensure that identified problems are referred to an appropriate problem management team or process and participate in required advocacy
  • Ability to collect and document business requirements related to cyber-fraud projects and initiatives
  • Ability to convey business and data requirements to support automation of existing manual analysis
  • Conduct retrospective analysis framework to deepen understanding around existing and emerging attack modalities
  • Supports Cyber Fusion strategic initiatives including investigations and risk-assessment, testing, and solutioning activities
  • Supports the expansion of incident management model across other functional teams (including North American Fraud Operations)
The incumbent should possess strong experience in cyber security and/or cyber enabled fraud, with strong expertise in a combination of incident management, digital identity proofing; risk-based authentication and authentication logic flaws; bot-mitigation; and security information and event management tools.  The incumbent must demonstrate a history of positive outcomes in advocacy work with a cross-functional executive audience. They must maintain the highest professional standards regarding personal conduct while performing work and must possess the ability to communicate complex information, concepts, and ideas in a confident, well organized, and succinct manner.

  • Minimum of five (5) years of experience with cyber-fraud or information security incident management in a financial services environment
  • Experience and confidence in presenting to both peers and executive audiences with a demonstrated ability to gain consensus
  • Detail oriented with a well-developed technical aptitude and strong analytical, deductive reasoning, organizational, and problem identification skills
  • Proven ability to lead with confidence, competence, and professionalism
  • Ability to work under pressure in a constantly evolving environment while maintaining quality
  • Exercises excellent judgement and has personal integrity when handling sensitive/confidential information
  • A proven track record of using teamwork and influence to create a competitive advantage
  • Leader, self-sufficient, and team player who can function autonomously

Knowledge of technical concepts associated with financial industry cyber-fraud, specifically including the following:
  • Risk-based authentication concepts and potential logic flaws
  • Audit logging and risks associated with ineffective log governance
  • Network technologies generally and network security concepts
  • Vulnerability management and security testing concepts
  • Forensic investigation concepts

Additional Information
  • Working knowledge of ITIL V4 Service Management Framework with specialization on Incident and Problem Management processes (Foundation certification preferred)
  • Related industry certification is an asset (preferred CISSP, CISM)
  • Preferred computer sciences degree or equivalent experience
  • Preferred incident handler / manager certification (ex. GCIH)

More Openings

Helpdesk Level 2 Support
System Admin
Deployment Supervisor

Share This Job

Powered by