Senior Manager - IT Risk
Requisition ID: 84900
Join the Global Community of Scotiabankers to help customers become better off. Canadian Banking Technology (CBT) IT Risk Advisory
team plays an important role in the Bank's Three Lines of Defense Framework, providing First Line of Defense for CBT and the Bank for all technology risk domains, including Cyber Security, Data Privacy, Software Currency, Disaster and Backup Recovery, Third Party Management, and Audit and Regulatory issue remediation. There are many exciting opportunities to grow in the areas of risk management, business technology development and work with many cross-functional teams within the Bank, such as Information Security & Control (IS&C), Internal Audit, Office of Chief Technology Office (OCTO) , Business Operational Risk, Tech Risk (2 nd line of defense), and other CIO areas.
The role supports the Director, IT Risk Advisor to achieve CBT's top priorities of Stability and Risk by collaboratively assessing, analyzing and quantifying IT risk, designing controls and assisting in their implementation.
Part of a strategic and comprehensive IT Risk Management function ensures control implementation in accordance with regulatory expectations, risk appetite, organizational risk practices and evolving business practices. Key Accountabilities
- Work with the Director: Identify, assess, prioritize and report on material IT risks for IT and aligned business areas. This will require working with risk owners under various VP/leadership teams.
- Conduct detailed IT risk assessments and ensure that IT Risk assessments and outputs are recorded in enterprise tools and are in full compliance of defined policies and common standards, including the IT Risk Management Policy and Framework.
- Perform IT risk control testing and monitoring (as applicable), and ensure that testing activities are conducted in compliance with governing regulations, internal policies and procedures.
- Identify pervasive IT risk issues or issues that are common across the landscape and help implement preventative controls across IT&S.
- Partner with other risk groups to assess, implement and communicate new/updated risk controls, frameworks, policies, risk indicators, metrics and limits.
- Develop strong relationships with the IT Risk Owners by acting as the first line non-financial risk advisor and the primary conduit between the Risk Owners and the Second Line of Defense.
- Challenge the design and implementation of Risk Owner initiatives and collaborate in the design of risk controls and the mitigation of key risk issues and control gaps.
- Act as the enterprise Regulatory Compliance Management (eRCM) coordinator for the Risk Owners which includes ensuring the controls inventory is accurate and capturing the impacts of new regulations.
- Assist the IT Risk Director with developing the annual IT Risk strategy and plan.
- Continuously identify opportunities to improve effectiveness and enhancements of risk identification and management policies and processes.
- Lead a team of risk professionals to support CBT priorities in various risk domains, drive delivery of various risk related initiatives, provide coaching and guidance to develop team members and ensure team effectiveness and results
Education / Experience
- Candidates require strong leadership, communication and strategic influencing capability, supported by well-developed analytical and strategic thinking competencies.
- Solid knowledge of banking businesses including related systems and procedures.
- Strong ability to balance competing or conflicting goals of various departments and stakeholders which requires a mature, diplomatic approach and highly developed negotiation and influencing skills.
- Works independently with minimum guidance in only the most complex situations, being able to manage ambiguity by exercising judgement based on precedents and leveraging multi-faceted information and take full accountability to drive and deliver results.
- Candidates should have a breadth of IT and Risk management experience (governance, operations, audit, control functions, compliance, and risk management) over 7+ years.
- Data analytics, Visual dash-boarding (PowerBI/Tableau) and presentation preparing skills are desirable.
- Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP) and Certified in Risk and Information System Control (CRISC) are desirable.
Location(s): Canada : Ontario : Scarborough || Canada : Ontario : Toronto
As Canada's International Bank, we are a diverse and global team. We speak more than 100 languages with backgrounds from more than 120 countries. Our employees are committed to a superior customer experience and use the Bank's six guiding sales practice principles to ensure they act with honesty and integrity.
At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here . Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted. Job Segment:
Risk Management, Bank, Banking, Developer, Law, Finance, Technology, Legal