Please be advised that our Careers site will be unavailable from November 28 at 12am ET to November 29 12am ET for scheduled system maintenance.

Title:  Director, Technology Control Testing




Requisition ID: 198966

Salary Range: 174,700.00 - 286,000.00 

Please note that the Salary Range shown is a guideline only. Salary offered may vary based on factors, including, but not limited to, the successful candidate’s relevant knowledge, skills, and experience.


Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.


Global Banking and Markets:


Global Banking and Markets (GBM) is a leading Canadian Capital Markets and Investment Banking business with a growing platform in the US and Latin America, operating globally for over 100 years. Scotiabank’s strong U.S. presence provides our clients an important bridge to this key global market for trade and investment flows across the Americas and the world. 


Global Banking & Markets provides a full range of investment banking, credit and risk management products and services relevant to the financing and strategic development needs of our clients. Our products include debt and equity financing, mergers & acquisitions, corporate banking, institutional equity sales, trading and research, fixed income products, derivatives, energy, foreign exchange and precious & metals. We also cross-sell the full range of wholesale products and services offered by the Scotiabank Group.  


Be part of an innovative, Global Capital Markets and Investment Banking business with a unique geographic footprint that puts capital to work for our clients across industries! We work together to drive ambition for every future! 




Leads and oversees Global Technology Control Testing (located in United States) ensuring business strategies, plans and initiatives are executed / delivered in compliance with governing regulations, internal policies and procedures.


What You’ll Do:


  • Advises and supports risk owners in day to day risk management activities and execution. Assists risk owners in adhering to policies, frameworks, standards and guidelines through active engagement, guidance, and counselling. Advises on the design and implementation of controls, and remediation plans to mitigate risk.
  • Acts as a primary interface and conduit between the risk owners and other risk groups to lead the facilitation and execution of risk management activities.  
  • Lead internal control reviews of high-risk processes including procedure testing, establishing test plans and test scripts, providing recommendations, providing feedback and reporting to the Head of Technology COE.
  • Based on the activities in the area under review, be able to identify, articulate, and challenge management on the strength of their control program.
  • Work with Compliance officers to identify regulatory risks and integrate regulatory controls and monitoring into the overall technology control testing plan.
  • Document and monitor progress of remedial actions for issues identified through Technology Control testing and by others, including Internal Audit, Compliance, regulators, and management self-identified issues. 
  • Ensures implementation of a strong IT risk culture in partnership with the risk owners and other control functions.
  • Insert specific role accountability (as opposed to your annual deliverables) that outlines a significant aspect of the job and how it is achieved.
  • Oversees audit issue remediation to meet the annual enterprise target, and SOX control testing across the portfolio by working with Internal and External Audit.
  • Review and contribute to technology policies and standards under development or review, as applicable.
  • Monitor effectiveness of portfolio impacting governance processes such as change management, project management and architecture reviews, for enforcing control requirements. 
  • Engage in business integration projects to ensure all appropriate technology controls and processes are implemented; and enable the implementation of appropriate technology controls and processes in non-integrated subsidiaries.
  • Collaborates with IT Risk directors for other business units to improve risk management practices across the enterprise.
  • Understand how the Bank’s risk appetite and risk culture should be considered in day-to-day activities and decisions.
  • Builds a high-performance environment and implements a people strategy that attracts, retains, develops and motivates their team by fostering an inclusive work environment and using a coaching mindset and behaviors; communicating vison/values/business strategy; and, managing succession and development planning for the team.
  • Provide on-going coaching and guidance to less experienced Technology COE staff to ensure there is a consistent understanding of the overall risk program, KRIs, monitoring plan and governance structure.

What You’ll Bring:


  • Requires an undergraduate degree.  An IT Audit /Information Security professional designation (e.g., CISA, CISSP), and experience with NIST, COSO and COBIT Frameworks is a plus.
  • 9-11 years of relevant experience in auditing ITGC controls. Specifically, Information Security, BCP, DR, Application Controls, and Data Governance. Technology Risk Management experience in financial services industry is a significant advantage.
  • Data Analytics and using data along with other tools for decision making are a plus. 
  • This is a position requiring core skills in the audit of applications, data and the management of IT projects overview of business cycles.
  • Knowledge of the Regulatory Frameworks including for US (DFS500, OCC, and Federal Reserve) and requirements applicable to Banks is an asset.
  • The incumbent must possess sound time management skills in order to manage multi-functional accountabilities.





At Scotiabank, every employee is empowered to reach their fullest potential, respected for who they are and, embraced for their differences. That’s why we work to grow and diversify talent and engage employees in a performance-oriented culture. 


What's in it for you? 


Scotiabank wants you to be able to bring your best self to work – and life, every day. With a focus on holistic well-being, our many flexible benefit programs are designed to help support your unique family, financial, physical, mental, and social health needs. 

Location(s):  United States : New York : New York City

Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.  

At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.

Nearest Major Market: New York City

Job Segment: Information Security, Compliance, Law, Testing, Technology, Legal, Research