Senior Manager, US Technology Risk Officer (TRO), First Line of Defense (1B)

Requisition ID: 259900

Salary Range:-

Please note that the Salary Range shown is a guideline only. Salary offered may vary based on factors including but not limited to the successful candidates relevant knowledge skills and experience.

Join a purpose driven winning team committed to results in an inclusive and high-performing culture.

Purpose

The Senior Manager U.S. Technology Risk is a first line risk leader responsible for executing and sustaining technology risk management activities across assigned portfolios and domains. Reporting to the Director U.S. Technology Risk Officer this role partners closely with technology leaders risk owners and control functions to identify risks assess control effectiveness and drive remediation outcomes in alignment with risk appetite and regulatory expectations.

The role plays a critical part in operationalizing the Technology Risk Offices strategy translating risk direction governance standards and escalation decisions into consistent execution high quality evidence and measurable risk reduction.

What Youll Do

• Execute technology risk assessments control self assessments and thematic reviews across assigned applications platforms and services ensuring risks are accurately identified evaluated and documented in enterprise risk systems.
• Own day to day issue management and remediation execution including development and tracking of clear get to green plans addressing root causes and escalating risks or slippage with proposed actions.
• Monitor the effectiveness of key technology governance processes (e.g. SDLC change architecture and project delivery) to identify control gaps and support remediation and improvement initiatives.
• Support audit and regulatory activities by coordinating evidence preparing responses and validating remediation outcomes; oversee SOX related control execution within scope including evidence readiness for quarterly attestations.
• Produce risk control and remediation reporting (KPIs/KRIs) highlighting trends emerging risks and control health to support risk based decision making.
• Partner with technology risk owners Business Internal Control teams and other control functions to strengthen first line risk ownership execution consistency and risk culture.
• Lead coach and develop Technology Risk Officers or analysts (where applicable) to ensure high quality execution sound judgment and sustained risk management outcomes.
• Champion a customer-focused culture and deepen relationships with senior leadership peers and functional groups.
• Ensure compliance with information security regulations user education and cybersecurity.
• Lead the design and operation of compliance monitoring and improvement activities to ensure compliance with internal security policies and applicable laws and regulations.
• Actively pursue effective and efficient operations ensuring adherence to operational risk regulatory compliance risk AML/ATF risk and conduct risk frameworks.
• Understand and apply the organizations risk appetite and risk culture in day-to-day activities and decisions.
• Build a high-performance environment and implement a people strategy that attracts retains develops and motivates the team.

What Youll Bring

• University degree in Computer Engineering Computer Science Technology or a related field
• Professional certifications in cybersecurity technology or risk management (e.g. CISSP CCSP CEH CISM).
• Demonstrated knowledge or hands on experience in one or more of the following areas:
  • Regulatory (e.g. FFIEC guidance NYS DFS FRB FINRA)
  • Technology (e.g. cybersecurity software delivery infrastructure/platform services asset or currency management)
  • Issue & Remediation Management (e.g. execution tracking risk evaluation escalation and reporting)
  • Audit or Regulatory Exam Support (e.g. control testing evidence management remediation coordination)
• 710 years of experience in technology risk cybersecurity internal controls audit compliance or operational risk within a financial services or regulated environment.
• Broad exposure across multiple technology domains such as application development infrastructure or cloud services information security resilience third party risk and change or incident management.
• Experience executing remediation programs and supporting get to green outcomes including coordination across technology and control partners; experience across any line of defense is preferred.
• Strong communication and stakeholder management skills with the ability to clearly articulate risk issues remediation status and control gaps to technology leaders and control partners.
• Solid execution governance and project management skills with the ability to manage multiple workstreams dependencies and deadlines in a complex environment.
• Experience with risk reporting metrics or dashboards (e.g. Power BI Tableau or similar tools) is desirable.
• Working knowledge of risk and control frameworks (e.g. NIST ISO COBIT ITIL FFIEC) is desirable.
• Relevant certifications (e.g. CISA CISM CRISC CISSP) are an asset but not required.

Interested

If your experience is closely related but doesnt align perfectly with every qualification we do encourage you to apply - you might be the right candidate for this or other roles at Scotiabank!

At Scotiabank every employee is empowered to reach their fullest potential respected for who they are and embraced for their differences. Thats why we work to grow and diversify talent and engage employees in a performance-oriented culture.

Whats in it for you

Scotiabank wants you to be able to bring your best self to work and life every day. With a focus on holistic well-being our many flexible benefit programs are designed to help support your unique family financial physical mental and social health needs.

#GBM

Location(s): United States : Texas : Dallas

Scotiabank is a leading bank in the Americas. Guided by our purpose: for every future we help our customers their families and their communities achieve success through a broad range of advice products and services including personal and commercial banking wealth management and private banking corporate and investment banking and capital markets.

At Scotiabank we value the unique skills and experiences each individual brings to the Bank and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including but not limited to an accessible interview site alternate format documents ASL Interpreter or Assistive Technology) during the recruitment and selection process please let our Recruitment team know. If you require technical assistance please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however only those candidates who are selected for an interview will be contacted.

Scotiabank is an equal opportunity employer. We evaluate qualified applicants without regard to race color religion sex sexual orientation gender identity national origin disability veteran status or any other characteristic protected by federal state or local law.