Purpose

We are seeking a highly skilled and experienced Lead Policy Engineer specializing in Email and Web Security to join our Cybersecurity team. The successful candidate will be responsible for the design, implementation, governance, and continuous improvement of security policies related to email protection, web proxy, and content filtering technologies. This individual will lead efforts to reduce attack surfaces, mitigate threats, and ensure policy compliance across the enterprise environment.

Is this role right for you? In this role you will:

• Lead the design and implementation of enterprise-wide policies for email and web security platforms (e.g., Microsoft Defender for Office 365, Proofpoint, Cisco Email Security, Zscaler, Symantec, Forcepoint).
• Define and manage content filtering policies to control sensitive data movement over email and web channels.
• Tune and optimize policies to reduce false positives while maintaining strong protection against phishing, malware, and data exfiltration.
• Collaborate with Security Operations, IT, Legal, and Compliance teams to define acceptable use policies and incident handling workflows.
• Perform risk assessments and impact analyses related to changes in policy or new controls.
• Lead incident response support and forensic analysis involving email and web-based threats.
• Document policies, technical configurations, change management records, and exceptions.
• Review and analyze email and web security telemetry to identify patterns and policy improvements.
• Maintain expert-level understanding of email threat vectors, web-based attacks, zero-day exploit prevention, sandboxing, TLS inspection, and user behavior analytics.
• Assist with integration and automation of policy enforcement via APIs and SIEM

Do you have the skills that will enable you to succeed in this role? We’d love to work with you if you have:

• Minimum 7+ years of experience in cybersecurity, with 3+ years focused on email and web security.
• Strong hands-on experience with one or more platforms:
  • Email: Proofpoint, Cisco ESA, Symantec
  • Web: Zscaler ZIA,  Forcepoint Web Proxy, Broadcom
• Advanced knowledge of mail routing, SPF/DKIM/DMARC, TLS, SMTP filtering, URL filtering, and CASB functionality.
• Solid understanding of Zero Trust, SASE, and Cloud Security Architectures.
• Proficiency in policy development, regex, YARA rules, JSON/XML-based configurations, and policy scripting.
• Experience with SIEM/SOAR, EDR integrations, and automated alert enrichment.
• Strong analytical, communication, and documentation skills.
• Familiarity with regulatory frameworks such as GDPR, HIPAA, SOX, and ISO 27001.

What's in it for you?

• Diversity, Equity, Inclusion & Allyship - We strive to create an inclusive culture where every employee is empowered to reach their fullest potential, respected for who they are, and are embraced through bias-free practices and inclusive values across Scotiabank. We embrace diversity and provide opportunities for all employee to learn, grow & participate through our various Employee Resource Groups (ERGs) that span across diverse gender identities, ethnicity, race, age, ability & veterans.
• Accessibility and Workplace Accommodations - We value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. Scotiabank continues to locate, remove and prevent barriers so that we can build a diverse and inclusive environment while meeting accessibility requirements.
• Upskilling through online courses, cross-functional development opportunities, and tuition assistance.
• Competitive Rewards program including bonus, flexible vacation, personal, sick days and benefits will start on day one.
• Dynamic Ecosystem - Free tea & coffee, universal washrooms, and lots of space for team collaboration.
• Community Engagement - No matter where you choose to work from; we offer opportunities for community engagement & belonging with our various programs.