Manager, U.S. Cyber and IT Risk Management (222215)

Requisition ID: 222215

Salary Range:90000.00-167200.00

Please note that the Salary Range shown is a guideline only. Salary offered may vary based on factors including but not limited to the successful candidates relevant knowledge skills and experience.

Join a purpose driven winning team committed to results in an inclusive and high-performing culture.

Global Banking and Markets

Global Banking and Markets (GBM) is a leading Canadian Capital Markets and Investment Banking business with a growing platform in the US and Latin America operating globally for over 100 years. Scotiabanks strong U.S. presence provides our clients an important bridge to this key global market for trade and investment flows across the Americas and the world.

Global Banking & Markets provides a full range of investment banking credit and risk management products and services relevant to the financing and strategic development needs of our clients. Our products include debt and equity financing mergers & acquisitions corporate banking institutional equity sales trading and research fixed income products derivatives energy foreign exchange and precious & metals. We also cross-sell the full range of wholesale products and services offered by the Scotiabank Group.

Be part of an innovative Global Capital Markets and Investment Banking business with a unique geographic footprint that puts capital to work for our clients across industries! We work together to drive ambition for every future!

Purpose

The role will contribute to the implementation of the U.S. Cyber and IT Risk Management Framework across the second line of defense. The framework encompasses oversight reporting governance communications and education. As part of the second line of defense for businesses in the United States IT Risk provides independent oversight and challenge as well as assists in the development of the methodologies policies process and tools to support the U.S. Cyber and IT Risk Management Framework.

Contributes to the overall success of Cyber and IT Risk Management in the United States ensuring specific individual goals plans initiatives are executed / delivered in support of the teams business strategies and objectives. Ensures all activities conducted are in compliance with governing regulations internal policies and procedures.

What Youll Do

• Assists with the development of U.S. Cyber and IT Risk Management Framework and best practices within the Bank while acting as a center of excellence for IT and Cyber Risk in the U.S.
• Collaborates with the lines of business by acting in a consultative capacity to advise on IT risks that influence their business and ability to meet established strategic objectives while maintaining oversight and objective challenge.
• Executes effective challenges of IT Risk components of the first line in the Risk & Control Self-Assessment (RCSA) process for the U.S. covering Legal Entities Processes and Business Lines.
• Executes effective challenge of IT Incidents to define root causes and provides input into remediation actions.
• Assists with Deep Dives to assess the effectiveness of controls surrounding key processes and to identify remediation for gaps to actively and demonstrably mitigate IT risks.
• Executes challenges IT risks within scenario analysis.
• Monitors Cyber security risks and the controls in place within the bank as well as external Cyber security reporting which may impact the bank.
• Monitors compliance with IT Risk Policies Standards and Guidelines.
• Coordinates monthly U.S. Information Risk Working Group meetings.
• Assists with monthly and quarterly IT and Cyber Risk reporting for U.S. committees and senior management

RISK MANAGEMENT:

• Has good knowledge of risk management practices required to create a culture of risk management compliance.
• Identifies assesses and monitors IT related risks based on risk management policies and procedures.
• Executes and challenges work of first line of defense for risk management purposes.
• Exhibits best practice risk management skills through effective internal risk controls risk monitoring risk assessment and improvement of risk management processes.
• Understands how the Banks risk appetite and risk culture should be considered in day-to-day activities and decisions.
• Actively pursues effective and efficient operations of his/her respective areas in accordance with Scotiabanks Values its Code of Conduct and the Global Sales Principles while ensuring the adequacy adherence to and effectiveness of day-to-day business controls to meet obligations with respect to operational compliance AML/ATF/sanctions and conduct risk.
• Champions a high-performance environment and contributes to an inclusive work environment.

What Youll Bring

• Some expertise in IT Risk Management (e.g. Logical Access Data Leakage Disaster Recovery)
• Experience with Cybersecurity Risk Management is preferred
• 3-5 years of experience in technology departments and/or risk management preferably in a financial institution
• Industry certifications desirable (e.g. ISACA CRISC) or a desire to quickly obtain one
• Knowledge of relevant regulatory rules (FFIEC NYDFS 500) and frameworks (NIST COBIT) is preferred

Interested

If your experience is closely related but doesnt align perfectly with every qualification we do encourage you to apply - you might be the right candidate for this or other roles at Scotiabank!

At Scotiabank every employee is empowered to reach their fullest potential respected for who they are and embraced for their differences. Thats why we work to grow and diversify talent and engage employees in a performance-oriented culture.

Whats in it for you

Scotiabank wants you to be able to bring your best self to work and life every day. With a focus on holistic well-being our many flexible benefit programs are designed to help support your unique family financial physical mental and social health needs.

Location(s): United States : New York : New York City

Scotiabank is a leading bank in the Americas. Guided by our purpose: for every future we help our customers their families and their communities achieve success through a broad range of advice products and services including personal and commercial banking wealth management and private banking corporate and investment banking and capital markets.

At Scotiabank we value the unique skills and experiences each individual brings to the Bank and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including but not limited to an accessible interview site alternate format documents ASL Interpreter or Assistive Technology) during the recruitment and selection process please let our Recruitment team know. If you require technical assistance please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however only those candidates who are selected for an interview will be contacted.