Title:  Senior Manager, Cloud Security and Emerging Technology

Requisition ID: 233320

 Salary Range: 117,400.00 - 224,700.00 

Please note that the Salary Range shown is a guideline only. Salary offered may vary based on factors, including, but not limited to, the successful candidate’s relevant knowledge, skills, and experience.

Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.

Global Banking and Markets 

Global Banking and Markets (GBM) is a leading Canadian Capital Markets and Investment Banking business with a growing platform in the US and Latin America, operating globally for over 100 years. Scotiabank’s strong U.S. presence provides our clients an important bridge to this key global market for trade and investment flows across the Americas and the world. 

Global Banking & Markets provides a full range of investment banking, credit and risk management products and services relevant to the financing and strategic development needs of our clients. Our products include debt and equity financing, mergers & acquisitions, corporate banking, institutional equity sales, trading and research, fixed income products, derivatives, energy, foreign exchange and precious & metals. We also cross-sell the full range of wholesale products and services offered by the Scotiabank Group.  

Be part of an innovative, Global Capital Markets and Investment Banking business with a unique geographic footprint that puts capital to work for our clients across industries!  We work together to drive ambition for every future! 

Purpose

Contributes to the overall success and application of various Emerging and Cloud Technologies towards Cloud Security and Systems Resiliency improvements as part of the Global Risk Management (GRM) team globally. Ensuring specific goals, plans, and initiatives are executed/delivered in support of the team’s technology strategy, business strategies and objectives.  Ensures all activities are conducted in compliance with governing regulations, internal policies and procedures.

Collaborate with top-tier professionals across business and technology- Cloud Security and Cloud Engineering leads, aligned risk leads, first line of defense (1LOD), Regulatory Relations, Internal Audit, and the Enterprise Technology Risk Management team. Together, you will bring a Cloud technologist mindset to work towards application of various emerging and cloud technologies (such as Quantum Computing and GenAi) towards advancement of Cloud Security and Risk Management functions like identification, assessment and mitigations involving Cloud Security posture management, availability and resiliency of technology systems while ensuring effective communication with senior management and stakeholders. You will also work in implementing and maturing the Cloud Control Framework for Global Risk Management (GRM) function. 

You will also work in applying and maturing Bank technology and systems by leveraging your technical skills for various core cloud technology platforms (GCP, AWS, Azure), Quantum Computing, GenAi and Resiliency efforts.  

As part of the second line of defense, the Cloud Security, IT Risk and Emerging Technology team provides independent oversight and challenge, and assists in developing methodologies, policies, processes and tools to support the Cloud Security Posture Management, Cyber and IT Risk Management Framework.

What You’ll Do 

• Champion a customer focused culture to deepen client relationships and leverage broader Bank relationships, systems and knowledge.

• Cloud Technologist: leverage your Cloud Technologist or Architect skills and experience to evaluate GenAi, Cloud Computing (Quantum computing) and how these ties to evolving industry regulations in financial services domain. 

• Implement Technologies: assist in development of Proof of Concepts, architecture that tie to bank relevant business applications and use cases focused on emerging technologies in areas like GenAi and Security, Stablecoin, blockchain and evolving Quantum computing in Cloud. Staying up to date on emerging trends and technologies is highly desired

• Control Evaluation: Evaluate the design of Cloud controls and communicate the impact of control weaknesses to first line teams and control implementers. Drive a program across stakeholders to delivery results. 

• Alignment Evaluation: Evaluate the extent to which the first line of defense is aligned with internal and external control standards, as well as regulatory and audit requirements.

• Lead 2nd Line Challenge: Conduct comprehensive challenge to identify potential availability and resiliency threats and vulnerabilities in the Bank’s processes, systems, and Cloud operations. Partner with 1st line of defense to develop risk mitigation strategies across key IT/Cloud domains. Challenge IT/Cloud risks within scenario analysis and thematic reviews. Conduct technology risk assessments, develop Cloud Control Framework, metrics, and controls within globally complex, dispersed, and diverse organizations.

• Stakeholder Advisory: Advise stakeholders on risk management, controls development, and adherence to mitigate risks.

• Risk Monitoring: Proactively monitor key risk indicators, analyze control metrics, and provide reporting, insights on risk management effectiveness to senior management, driving continuous improvement initiatives.

• Reporting: Support monthly and quarterly IT and Cyber Risk report development for various risk committees and senior management.

• Security Operations: Manage assessments of design, operations of processes and technologies, including but not limited to System architecture and life cycle management, Technology management process (e.g., Resiliency, release, configuration, change, incident, problem management), system monitoring and alerting.

• Understand how the Bank’s risk appetite and risk culture should be considered in day-to-day activities and decisions.

• Actively pursues effective and efficient operations of their respective areas in accordance with Scotiabank’s Values, its Code of Conduct and the Global Sales Principles, while ensuring the adequacy, adherence to and effectiveness of day-to-day business controls to meet obligations with respect to operational, compliance, AML/ATF/sanctions and conduct risk.

• Champion a high-performance environment and contributes to an inclusive work environment.

What You’ll Bring 

• University degree, preferably in Computer Engineering, Computer Science or related field
• Cybersecurity, Cloud technology, or risk management certification (e.g. AWS, Azure, GCP; CSPM, CISSP, CCSP, CEH, CISM, etc.)
• Strong understanding of technology and cloud cyber security regulatory frameworks and guidance (e.g., NIST, CNAPP, OSFI, CSPM, RCSA and SOX, MITRE ATT&CK)
• A minimum of 7 years’ experience in technology departments and/or risk management, preferably in a financial institution
• Experience in developing Cloud Control Frameworks as a Cloud Security technologist, architect or similar technical roles
• 5+ years of experience as a Senior Solutions Architect or Senior Technologist in Cloud (GCP, AWS and Azure)
• 5+ years of experience or equivalent expertise in technology risk management tied with Regulatory knowledge, Audit management and Issue tracking, information security, or a related field, with a focus on risk assessment and control evaluation
• Strong expertise in IT Availability and resiliency Risk Management (e.g. RCSA, HA/DR, BCP, Resiliency architecture and engineering)
• Familiarity with system life cycle and end-of-life risks
• Skilled in identifying and assessing resiliency and availability risks
• Familiarity with IT control frameworks (e.g., NIST, COBIT, ITIL)
• Experience writing clear risk opinions, challenge memos and oversight reports

Interested? 

If your experience is closely related but doesn’t align perfectly with every qualification, we do encourage you to apply - you might be the right candidate for this or other roles at Scotiabank! 

At Scotiabank, every employee is empowered to reach their fullest potential, respected for who they are and, embraced for their differences. That’s why we work to grow and diversify talent and engage employees in a performance-oriented culture. 

What's in it for you?

Scotiabank wants you to be able to bring your best self to work – and life, every day. With a focus on holistic well-being, our many flexible benefit programs are designed to help support your unique family, financial, physical, mental, and social health needs. 
 

Location(s):  United States : New York : New York City

Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.  

At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.