Share this Job

Title:  Manager, Privacy Incident Response and Governance (Bilingual / Spanish)




Requisition ID: 70430


Join the Global Community of Scotiabankers to help customers become better off.


Purpose of Job

The incumbent will promote and support the mandate of the Scotiabank Privacy Office, which includes protecting Scotiabank, its senior managers, directors, officers and employees from the serious adverse consequences of non-compliance with privacy legislation (including regulatory sanction and damage to reputation).


Key Accountabilities

The incumbent will support Scotiabank’s privacy program and is accountable for:  Assisting in the development and management of privacy policies and programs; providing training and awareness; and providing support to business units in managing privacy complaints, inquiries, incidents and breaches. He/she will maintain current knowledge of applicable federal and provincial privacy laws, and monitor developments in privacy laws and regulation to promote the Bank’s adaptation and compliance.


Specific accountabilities include:


1. Breach Management

  • Supporting business lines to manage data breach incidents. This includes addressing daily escalations from SS-Ops and Security & Investigation, and more significant incidents which require the Privacy Breach Management Team to be convened.
  • Maintain privacy incident log and other privacy incident documentation
  • Collaborate closely with IT security team and business stakeholders to respond to, investigate, and resolve privacy incidents

2. Training and Awareness

  • Assisting in the development and implementation of applicable internal and customer facing privacy and related policies and guidelines.
  • Developing privacy training materials and other communications to increase employee understanding of Scotiabank privacy policies, procedures and legal obligations.
  • Delivering or ensuring delivery of privacy training and orientation to employees.
  • Working with business unit compliance officers to help promote awareness of “best practices” on privacy issues.
  • Conducting on-going privacy training and awareness activities.


3. Monitoring, Oversight

  • Identify privacy risks and make recommendations, communicate and follow-up on recommendations to stakeholders
  • Monitoring key privacy and data protection legislation, analyzing compliance requirements, and making recommendations as needed.


Education/Work Experience/Designations


The incumbent must be or become:

  • Highly knowledgeable about global privacy and information security regulations, enforcement trends and best-practices;
  • Knowledgeable about Scotiabank, in particular, the risk management, control, administrative and operational structure, policies and procedures, and generally understand the business activities, products and services conducted/provided within or by various business units;
  • Familiar with information security concepts, and able to quickly understand and assess financial services technology, systems and processes;
  • Knowledgeable as to the uses of technology in online marketing, including the tracking of consumer behaviours online and best practices to present internet users with privacy notices and consumer choices;
  • Experienced at using technology to support compliance programs;
  • Experienced in the initiation, development and implementation of new policies, procedures and practices, employing solid project management skills and the organizational “know-how” to get things done through a network of contacts within Scotiabank;
  • Innovative and a self-starter with good research, project management and documentation skills;
  • Skilled in communicating both verbally and in writing with all levels including branch staff, operational and senior management, regulators and customers;
  • Sensitive to the diverse cultural make-up of the Bank’s customer and employee population;
  • Able to solicit and keep the good will and cooperation of a wide range of individuals, including operational and senior management, while providing advice, guidance and strategic influencing on complex privacy compliance issues; and
  • Highly proficient at written and verbal communications, in particular, the development of succinct and useful reporting on compliance issues for an Executive Management audience.


The incumbent must have:

  • Sound judgment and a strong practical approach to considering courses of action;
  • The flexibility to balance multiple accountabilities with competing priorities; and
  • The ability to work independently and to tight deadlines, and to quickly adapt to unforeseen changes in priorities and initiatives.
  • Collaborate closely with IT security team and business stakeholders to respond to, investigate, and resolve privacy incidents.
  • Understanding of security controls, privacy, risk management framework and compliance models.
  • Demonstrated ability to deal with ambiguity and seek for clarity independently, work effectively with remote, global teams in multiple time zones.
  • Strong cross team organization collaborative skills.
  • Spanish proficiency



  • University degree, Information Technology certification, preferred.
  • Certified Information Privacy Professional (Canada), or a related or similar qualification, or willingness to obtain the certification.


Other desired skills:

  • Information Security qualifications, e.g., a Certified Information Systems Security Professional designation
  • Experience working in a diversified financial services company
  • Financial services compliance experience and qualifications



Location(s):  Canada : Ontario : Toronto 

As Canada's International Bank, we are a diverse and global team. We speak more than 100 languages with backgrounds from more than 120 countries. We value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.

Job Segment: Bank, Banking, Risk Management, Web Design, Finance, Creative, Bilingual