Jobs.ca

Policy Engineer, CNAPP Product

Scotiabank
8 days ago
Verified
Toronto, Ontario
Mid Level
Full-time

Top Benefits

Diversity, Equity, Inclusion & Allyship
Accessibility and Workplace Accommodations
Upskilling through online courses, cross-functional development opportunities, and tuition assistance

About the role

The Team:

The Enterprise Security Services team is a dynamic group of cloud security professionals driving innovation and resilience across the organization’s cloud environments. Embedded within the Cloud & Platform Engineering (CAP) Program, the team plays a pivotal role in the Cloud Native Application Protection Platform (CNAPP) strategy, with a strong focus on Cloud Workload Protection Platform (CWPP) and Kubernetes Security Posture Management (KSPM).

We work at the intersection of security, engineering, and compliance, collaborating closely with platform teams, architects, and risk stakeholders to define and enforce scalable, policy-driven controls. Our mission is to empower secure cloud adoption through automation, transparency, and continuous improvement—ensuring that security is not a blocker, but a built-in enabler of innovation.

The Role:

As a Policy Engineer within the Enterprise Security Services team, you will play a strategic and hands-on role in shaping the security posture of our cloud environments. This position is central to the success of our Cloud Workload Protection Platform (CWPP) and Kubernetes Security Posture Management (KSPM) initiatives, supporting the broader Cloud Native Application Protection Platform (CNAPP) roadmap.

You will be responsible for translating complex regulatory, architectural, and risk requirements into actionable, scalable cloud security policies. Working closely with platform engineering, cloud architects, and Policy-as-Code teams, you will ensure that security controls are seamlessly integrated into CI/CD pipelines and cloud-native workflows.

This role demands a strong technical foundation in GCP or Azure, hands-on experience with tools like Wiz, SCCE, and Terraform, and a deep understanding of policy-as-code principles. You’ll also collaborate with compliance and audit teams to ensure traceability and alignment with industry standards, while continuously optimizing policy effectiveness through data-driven insights.

If you're passionate about cloud security, policy automation, and enabling secure innovation at scale, this role offers a unique opportunity to make a meaningful impact.

Is this role right for you? In this role, you will:

  • Design and implement cloud security policies that align with regulatory standards, technical design documents, and enterprise risk frameworks.
  • Collaborate with cross-functional teams including platform engineering, cloud architecture, and Policy-as-Code teams to ensure seamless policy integration and enforcement.
  • Translate control objectives into actionable policies using tools like Open Policy Agent, Terraform, and CSPM platforms such as Wiz and SCCE.
  • Support policy lifecycle management—from intake and triage to validation and deployment—ensuring alignment with the CNAPP product roadmap.
  • Work closely with compliance and audit teams to ensure traceability of policies to frameworks like CIS benchmarks and provide documentation for regulatory reviews.
  • Monitor and report on policy effectiveness, exceptions, and violations to drive continuous improvement and risk reduction.
  • Champion automation and scalability by embedding security controls into CI/CD and IaC pipelines, enabling secure development without friction.

Do you have the skills that will enable you to succeed in this role? We'd love to work with you if you have:

  • 3–5 years of hands-on experience in cloud security, platform engineering, or policy implementation—preferably in Azure or GCP environments.
  • Proficiency with Cloud Security tools such as Wiz, SCCE, Defender, Prisma, or Datadog.
  • Experience with Policy-as-Code frameworks like Open Policy Agent (OPA) and Terraform validations.
  • A strong understanding of regulatory frameworks (e.g., CIS benchmarks, NIST, ISO) and how they translate into technical controls.
  • A collaborative mindset with the ability to work across engineering, architecture, compliance, and risk teams.
  • Excellent communication skills, with the ability to explain complex security concepts to both technical and non-technical audiences.
  • A passion for automation, scalability, and continuous improvement in cloud security operations.
  • A bachelor's degree or equivalent experience in a related field.

What's in it for you?

  • Diversity, Equity, Inclusion & Allyship - We strive to create an inclusive culture where every employee is empowered to reach their fullest potential, respected for who they are, and embraced through bias-free practices and inclusive values across Scotiabank. We embrace diversity and provide opportunities for all employees to learn, grow & participate through our various Employee Resource Groups (ERGs) that span across diverse gender identities, ethnicity, race, age, ability & veterans.
  • Accessibility and Workplace Accommodations - We value the unique skills and experiences each individual brings to the Bank and are committed to creating and maintaining an inclusive and accessible environment for everyone. Scotiabank continues to locate, remove and prevent barriers so that we can build a diverse and inclusive environment while meeting accessibility requirements.
  • Upskilling through online courses, cross-functional development opportunities, and tuition assistance.
  • Competitive Rewards program including bonus, flexible vacation, personal, sick days and benefits will start on day one.
  • Community Engagement - no matter where you choose to work from, we offer opportunities for community engagement & belonging with our various programs such as hackathons, contests, Humans of Digital and much more!

About Scotiabank

Banking
10,000+

Welcome to Scotiabank. We serve thousands of customers, families, and communities across the globe, helping them achieve success through advice, products, and services. Follow for news, insights, thought leadership and more.

Our disclaimer: bit.ly/socialdisclaim