Share this Job

Title:  Director, Security Governance






Requisition ID: 66498


Join the Global Community of Scotiabankers to help customers become better off.

The Director, Security Governance role is within the Global Security Services group of the Information Security & Control department (IS&C). This role is the prime contact for all aspects related to regulatory compliance adopted by IS&C, globally.


The ideal candidate is a highly motivated, collaborative, technically experienced and well-organized individual. This role will provide line management, leadership and strategic direction for the function and liaising closely with the directors and management of the department and other peers in IS&C. The role also manages the relationship with Global Risk Management, Global Compliance and Audit (2nd and 3rd Line of Defense). In addition, the role will assist in driving governance programs; leading efforts to produce actionable plans to meet the varying compliance requirements. The Director of Security Governance will be working with an international team, providing oversight for both internal and external compliance efforts in all countries where Scotiabank operates.



  • Facilitates regulatory initiatives in relation to information security that impact the Bank directly and/or the Financial Industry generally; such as regulatory reviews, participation in surveys, projects, simulations and exercises.  Provide oversight of regulatory initiatives in foreign jurisdictions, as required.
  • Manages the tracking, mitigation, remediation and reporting of regulatory and Audit findings that require attention and closure.
  • In collaboration with other IS&C Directors understands impacts of new regulatory changes to the Bank’s compliance with information security controls and support plans to mitigate and remediate gaps.
  • Supports reporting of information security topics to Executive Management and Board of Directors.
  • Serves as the internal contact for governance requests.
  • Provides input into design, implementation, operation and maintenance of the Bank’s Information Security policy, Cybersecurity policy, standards, procedures, guidelines and directives by ensuring new regulatory requirements are incorporated appropriately.
  • Interfaces with auditors and other assessor to facilitate audits.
  • Leads the design and operation of related governance monitoring and improvement activities to ensure compliance both with internal security policies, etc. and applicable laws and regulations.
  • Reports on the overall effectiveness of the Security Governance function to Senior Executives on a regular basis by liaising with Line of Defense functions (2nd and 3rd Line) and external regulatory bodies regarding timing and scope of the required audits.


The incumbent is expected to lead and drive a customer-focused culture throughout the team and deepens client relationships and leverage broader Bank relationships, systems and knowledge.


The incumbent is expected to create a high performance environment that attracts, retains, develops and motivates individuals by fostering an inclusive work environment with clear communication of vision, values, business strategies and development planning for the team.



  • The incumbent must have at least 7-10 years of IT Security and/or business/industry work experience and is required to keep current with emerging trends, best practices, directions and issues in information security technology and auditing frameworks. The incumbent must be able to assess the relevance to Scotiabank Group of new regulations, security frameworks (i.e. NIST framework) and propose appropriate and relevant updates to the existing policies, standards, procedures, guidelines and/or propose new directives, as appropriate.
  • The incumbent preferably has appropriate security certifications (e.g. Certified Information System Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified ISMS Lead Auditor or ISO27001 Certified ISMS Lead Implementer or equivalent designation / security experience).
  • The incumbent must be prepared to deal with regulations from all locations where Scotiabank operates in, conduct analysis and collaborate with the Director of Policy and Standards to adjust policies and procedures. He/she must track compliance and help the different country CISOs in the formulation of compliance plans within regulatory timelines. The incumbent is expected to explain security risks and associated controls to Executive Management in a constructive and concise manner.
  • The incumbent must have excellent written and verbal communications skills and strong background in MS Office, particularly in Word, Excel and PowerPoint.
  • The incumbent will have a Bachelor’s or Master’s Degree in Computer Science, Information Systems, or other related field, OR equivalent work experience.

Location(s):  Canada : Ontario : Toronto 

As Canada's International Bank, we are a diverse and global team. We speak more than 100 languages with backgrounds from more than 120 countries. We value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.

Job Segment: Developer, Law, Manager, Information Systems, Security, Technology, Legal, Management