Senior Manager, Cybersecurity & IT Risk (Global Risk Management)

Requisition ID: 234246

Join a purpose driven winning team committed to results in an inclusive and high-performing culture.

The incumbent will contribute to the overall success of Cyber & IT Risk Management Global Risk Management (GRM) globally ensuring specific individual goals plans initiatives are executed/delivered in support of the teams business strategies and objectives. Ensures all activities are conducted in compliance with governing regulations internal policies and procedures.

Collaborate with top-tier professionalsacross business-aligned risk leads first line of defense (1LOD) Regulatory Relations Internal Audit and the Enterprise Technology Risk Management team. Together you will identify assess and mitigate Cyber Security risks while ensuring effective communication with senior management and stakeholders.

As part of the second line of defense the Cybersecurity and IT Risk team provides independent oversight and challenge and assists in developing methodologies policies processes and tools to support the Cyber and IT Risk Management Framework.

Is this role right for you In this role you will:

• Champions a customer focused culture to deepen client relationships and leverage broader Bank relationships systems and knowledge.
• Lead 2nd Line Challenge:Conduct comprehensive challenge to identify potential threats and vulnerabilities in the Banks processes systems and operations. Partner with 1st line of defense to develop risk mitigation strategies across key cyber and IT domains. Challenge IT and cybersecurity risks within scenario analysis and thematic reviews. Conduct cyber risk assessments metrics and controls within globally complex dispersed and diverse organizations.
• Control Evaluation:Evaluate the design of controls and communicate the impact of control weaknesses to first line teams and control implementers.
• Alignment Evaluation:Evaluate the extent to which the first line of defense is aligned with internal and external control standards as well as regulatory and audit requirements.
• Stakeholder Advisory:Advise stakeholders on risk management controls development and adherence to mitigate risks.
• Risk Monitoring:Proactively monitor key risk indicators analyze control metrics and provide insights on risk management effectiveness to senior management driving continuous improvement initiatives.
• Reporting:Support monthly and quarterly IT and Cyber Risk report development for various risk committees and senior management.
• Risk Monitoring:Monitor cybersecurity risks and the controls in place within the bank as well as external cybersecurity reporting that may impact the bank.
• Security Operations:Manage assess or audit security operations processes and technologies including SOC SIEM Fusion Center and Incident Response.
• Understand how the Banks risk appetite and risk culture should be considered in day-to-day activities and decisions.
• Actively pursues effective and efficient operations of their respective areas in accordance with Scotiabanks Values its Code of Conduct and the Global Sales Principles while ensuring the adequacy adherence to and effectiveness of day-to-day business controls to meet obligations with respect to operational compliance AML/ATF/sanctions and conduct risk.
• Champions a high performance environment and contributes to an inclusive work environment.

Do you have the skills that will enable you to succeed in this role Wed love to work with you if you have:

• University degree preferably in Computer Engineering Computer Science or related field
• Cybersecurity technology or risk management certification (e.g. CISSP CCSP CEH CISM etc.)
• Strong understanding of technology and cyber security regulatory frameworks and guidance (e.g. OSFI NIST FFIEC GDPR MITRE ATT&CK)
• A minimum of 7 years experience in cyber security and technology departments and/or risk management preferably in a financial institution
• Strong expertise Cybersecurity Risk Management (e.g. Access management Data Leakage Data Protection Cyber intelligence)
• 5 years of experience or equivalent expertise in technology risk management information security or a related field with a focus on risk assessment and control evaluation
• Proficiency in cyber security risk management & controls security governance with a track record of implementing effective risk mitigation strategies
• Strong understanding of IT risk management frameworks in a global banking environment.
• Able to convey complex concepts and ideas on issues requiring interpretation and opinion.
• Influences without authority across technology architecture and operations
• Build partnership with 1Line while maintaining independence
• Highly organized self-directed and documentation focused
• Maintains objectivity and professionalism under pressure.
• Interprets and communicated KRIs/KPIs effectively to senior stakeholders

Whats in it for you

• We have an inclusive and collaborative work environment that values curiosity & ownership encourages pragmatic creativity (i.e. true innovation) and celebrates success!
• An inclusive working environment that encourages creativity curiosity and celebrates success!
• A rewarding career path with diverse opportunities for professional development
• Internal training to support your growth and enhance your skills
• A competitive rewards package that includes a base salary a performance bonus company matching programs on pension and profit sharing paid vacation personal & sick days medical vision and dental benefits that start from day one and much more!

Location(s): Canada : Ontario : Toronto

Scotiabank is a leading bank in the Americas. Guided by our purpose: for every future we help our customers their families and their communities achieve success through a broad range of advice products and services including personal and commercial banking wealth management and private banking corporate and investment banking and capital markets.

At Scotiabank we value the unique skills and experiences each individual brings to the Bank and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including but not limited to an accessible interview site alternate format documents ASL Interpreter or Assistive Technology) during the recruitment and selection process please let our Recruitment team know. If you require technical assistance please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however only those candidates who are selected for an interview will be contacted.