SR PENTEST SERVICE ADVISOR Enviar candidatura ahora » **Fecha:** 17 jul 2025 **Ubicación:** Miguel Hidalgo, MEX, MX **Empresa:** Scotiabank **ID de la solicitud** : 231323 **Rango Salarial** : - _El rango salarial indicado es solamente una guía. El salario ofrecido puede variar dependiendo de toda una serie de factores, que incluyen entre otros los conocimientos, experiencias y habilidades relevantes del candidato seleccionado._ Únase a un equipo ganador con un propósito claro, comprometido con el logro de resultados en una cultura inclusiva y de alto desempeño. **Purpose** Contributes to the overall success of the Cyber Security Red Team / Cyber Security Operations in Canada ensuring specific individual goals, plans, initiatives are executed / delivered in support of the team’s business strategies and objectives. Ensures all activities conducted are in compliance with governing regulations, internal policies and procedures. **Accountabilities** • Support scoping of penetration testing engagements to assess plausible attack vectors, accurately estimate level of effort, and determine the best approach to test areas of risk. • Understand how the Bank’s risk appetite and risk culture should be considered in day-to-day activities and decisions. • Champion a high-performance environment and contributes to an inclusive work environment. • Identify, validate and document vulnerabilities, misconfigurations or other security risks. • Provide clear, actionable recommendations for mitigating identified vulnerabilities to both technical and non-technical stakeholders. • Maintain currency on emerging threats, vulnerabilities and industry relevant best practices. • Contribute to the creation or maturation of internal tooling, scripts or methodologies used for penetration testing. • Provide guidance or mentorship to junior team members or non-technical staff on security best practices. • Perform comprehensive security assessments from vulnerability identification, validation and reporting. • Document and execute on detailed scope and methodologies aligned with industry and organizational policies and standards. • Collaborate with developers, engineers and other security teams to validate remediation efforts. • Participate in post-assessment debriefs with engagement stakeholders to understand assessment execution and outcomes. **education / experience** • Ability to understand and apply knowledge of relevant testing methodologies: o OWASP - Mobile Security Testing Guide (MSTG) o OWASP - Web Security Testing Guide (WSTG) o Penetration Testing Execution Standard (PTES) for Infrastructure Penetration Testing o Common Vulnerability Scoring System (CVSS) • Possesses at least one industry specific certification such as OSCP, GCPN, OSWE, GWAN, OSWP, or equivalent. • Possess strong communication skills to articulate penetration testing findings and methodologies leveraged in a business context. **_At Scotiabank, we value the unique skills and experiences that each person brings to the bank and are committed to creating and maintaining an inclusive and accessible environment for all. All employees must comply with the bank's policies, standards, codes, and guidelines related to non-discrimination and workplace accommodations._** **_"If you need any accessibility accommodations during the process, please inform our Talent Acquisition team."_** **_**Under no circumstances will we request pregnancy or HIV tests.**_** Ubicación(s): México : Ciudad de México : Miguel Hidalgo Scotiabank es un banco líder en las Américas. Inspirándonos en nuestro propósito corporativo, “por nuestro futuro”, ayudamos a nuestros clientes, sus familias y sus comunidades a lograr el éxito a través de una completa gama de asesoría, productos y servicios en los sectores de banca personal y comercial, gestión patrimonial, banca privada, corporativa y de inversión, y mercados de capital. En Scotiabank, valoramos las habilidades y experiencias únicas que cada persona aporta al Banco y nos hemos comprometido a crear y mantener un entorno inclusivo y accesible para todos. Si necesitas algún tipo de adaptación (como, por ejemplo, un lugar accesible para la entrevista, documentos en formato alternativo, un intérprete en lengua de señas o tecnología de asistencia, entre otras cosas) durante el proceso de reclutamiento y selección, indícalo a nuestro equipo de Reclutamiento. Si necesitas apoyo técnico,haz clic aquí (https://www.scotiabank.com/careers/en/careers/technical-support-for-applicants.html) . Los candidatos deben postularse directamente en línea si desean ser tomados en cuenta para este puesto. Agradecemos a todos los candidatos por su interés en esta oportunidad profesional en Scotiabank, pero solo nos comunicaremos con aquellos que hayan sido seleccionados para una entrevista.