Title:  Senior Manager, US Technology Risk Officer (TRO), First Line of Defense (1B)

Requisition ID: 259900

 Salary Range:  -  

Please note that the Salary Range shown is a guideline only. Salary offered may vary based on factors, including, but not limited to, the successful candidate’s relevant knowledge, skills, and experience.

Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.

Purpose

The Senior Manager, U.S. Technology Risk is a first line risk leader responsible for executing and sustaining technology risk management activities across assigned portfolios and domains. Reporting to the Director, U.S. Technology Risk Officer, this role partners closely with technology leaders, risk owners, and control functions to identify risks, assess control effectiveness, and drive remediation outcomes in alignment with risk appetite and regulatory expectations.

The role plays a critical part in operationalizing the Technology Risk Office’s strategy, translating risk direction, governance standards, and escalation decisions into consistent execution, high quality evidence, and measurable risk reduction.

What You’ll Do 

• Execute technology risk assessments, control self assessments, and thematic reviews across assigned applications, platforms, and services, ensuring risks are accurately identified, evaluated, and documented in enterprise risk systems.
• Own day to day issue management and remediation execution, including development and tracking of clear get to green plans, addressing root causes, and escalating risks or slippage with proposed actions.
• Monitor the effectiveness of key technology governance processes (e.g., SDLC, change, architecture, and project delivery) to identify control gaps and support remediation and improvement initiatives.
• Support audit and regulatory activities by coordinating evidence, preparing responses, and validating remediation outcomes; oversee SOX related control execution within scope, including evidence readiness for quarterly attestations.
• Produce risk, control, and remediation reporting (KPIs/KRIs), highlighting trends, emerging risks, and control health to support risk based decision making.
• Partner with technology risk owners, Business Internal Control teams, and other control functions to strengthen first line risk ownership, execution consistency, and risk culture.
• Lead, coach, and develop Technology Risk Officers or analysts (where applicable) to ensure high quality execution, sound judgment, and sustained risk management outcomes.
• Champion a customer-focused culture and deepen relationships with senior leadership, peers, and functional groups.
• Ensure compliance with information security regulations, user education, and cybersecurity.
• Lead the design and operation of compliance monitoring and improvement activities to ensure compliance with internal security policies and applicable laws and regulations.
• Actively pursue effective and efficient operations, ensuring adherence to operational risk, regulatory compliance risk, AML/ATF risk, and conduct risk frameworks.
• Understand and apply the organization’s risk appetite and risk culture in day-to-day activities and decisions.
• Build a high-performance environment and implement a people strategy that attracts, retains, develops, and motivates the team.

What You’ll Bring 

• University degree in Computer Engineering, Computer Science, Technology, or a related field
• Professional certifications in cybersecurity, technology, or risk management (e.g., CISSP, CCSP, CEH, CISM).
• Demonstrated knowledge or hands on experience in one or more of the following areas:
  • Regulatory (e.g., FFIEC guidance, NYS DFS, FRB, FINRA)
  • Technology (e.g., cybersecurity, software delivery, infrastructure/platform services, asset or currency management)
  • Issue & Remediation Management (e.g., execution tracking, risk evaluation, escalation, and reporting)
  • Audit or Regulatory Exam Support (e.g., control testing, evidence management, remediation coordination)
• 7–10+ years of experience in technology risk, cybersecurity, internal controls, audit, compliance, or operational risk within a financial services or regulated environment.
• Broad exposure across multiple technology domains, such as application development, infrastructure or cloud services, information security, resilience, third party risk, and change or incident management.
• Experience executing remediation programs and supporting “get to green” outcomes, including coordination across technology and control partners; experience across any line of defense is preferred.
• Strong communication and stakeholder management skills, with the ability to clearly articulate risk issues, remediation status, and control gaps to technology leaders and control partners.
• Solid execution, governance, and project management skills, with the ability to manage multiple workstreams, dependencies, and deadlines in a complex environment.
• Experience with risk reporting, metrics, or dashboards (e.g., Power BI, Tableau, or similar tools) is desirable.
• Working knowledge of risk and control frameworks (e.g., NIST, ISO, COBIT, ITIL, FFIEC) is desirable.
• Relevant certifications (e.g., CISA, CISM, CRISC, CISSP) are an asset but not required.

Interested? 

If your experience is closely related but doesn’t align perfectly with every qualification, we do encourage you to apply - you might be the right candidate for this or other roles at Scotiabank! 

At Scotiabank, every employee is empowered to reach their fullest potential, respected for who they are and, embraced for their differences. That’s why we work to grow and diversify talent and engage employees in a performance-oriented culture. 

What's in it for you? 

 
Scotiabank wants you to be able to bring your best self to work – and life, every day. With a focus on holistic well-being, our many flexible benefit programs are designed to help support your unique family, financial, physical, mental, and social health needs. 

#GBM 

Location(s):  United States : Texas : Dallas

Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.  

At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.

Scotiabank is an equal opportunity employer.  We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other characteristic protected by federal, state, or local law.