Title:  Senior Manager, IT Risk

Requisition ID: 244077

Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.

Scotiabank has embarked on the journey to modernize both development practices and tools. One of the main areas of transformation is the public cloud and the various platform technologies that support both development and operations on the cloud. The aim is to understand the IT Risk Management of Cloud and guide teams across the Bank on managing this risk. We are looking to build our IT Risk team with influencers, makers, innovators, and industry leaders who will drive us forward with smart and effective risk management that is aligned with a growth mindset.

The role of Senior Manager, IT Risk – Cloud will lead and engage on the management of IT Risk(s) for Cloud across Scotiabank and its subsidiaries

Is this role right for you? In this role you will:

• 7 to 10+ years of risk management and/or technology experience with at least five years of managing a large cross-functional team and influencing senior level management and key stakeholders
• Excellent relationship management, influencing, negotiating, and interpersonal skills. Ability to work effectively with all levels of the organization and balance the needs of multiple functions
• High level experience with modern technologies such as public and private cloud (AWS, Azure, etc.), containerization and orchestration (Kubernetes), & microservice architecture
• Understands the foundation of the RCSA process and the identification of risks and controls.
• Leads and ensures proper development of the New Initiative Risk Assessments with various stakeholders
• Previous experience developing and executing on strategies and delivering superior results in both the short and long term
• Previous experience as a Security Architect, DevOps Engineer, Cloud Security Engineer, ideally within a regulated financial services environment
• Has a strong delivery mindset with a keen understanding of Cloud and Cloud Security
• Analyze IT processes to design and implement robust risk related controls and processes and ensure that controls are maintained and monitored.
• Actively monitor and investigate Cloud’s Key IT Risk Indicators (Security, Availability, Third Party Management, Software Currency, etc.), and work across the organization to resolve vulnerabilities.
• Interface with other areas in Scotiabank, such as: Cybersecurity, Vulnerability Management, Global Risk Management, Audit, Compliance, Portfolio Management.
• Ensure that IT Risk assessment analysis and results are maintained in enterprise tools and are in full compliance of defined policies and common standards.
• Track, monitor and work with issue owners to ensure that open issues related to TRAs, IT RCSAs, Audits, Compliance reviews, any self-identified issues and any other relevant risk reviews
• Requires a strong understanding of 1st Line, 2nd Line and 3rd Line Risk Management practices
• Work with Scotiabank’s Audit and Compliance teams to resolve any issues identified by those teams.
• Understand how the Bank’s risk appetite and risk culture should be considered in day-to-day activities and decisions.
• Actively pursues effective and efficient operations of his/her respective areas in accordance with Scotiabank’s Values, its Code of Conduct and the Global Sales Principles, while ensuring the adequacy, adherence to and effectiveness of day-to-day business controls to meet obligations with respect to operational, compliance, AML/ATF/sanctions and conduct risk.
• Champions a high-performance environment and contributes to an inclusive work environment.
• Deliver projects to remediate IT Risk, Internal Audit and Regulatory (including OSFI) associated with security platforms.
• This position also requires strong people management skills and the ability to motivate and influence junior staff and SMEs in the Bank and other Technology departments.

Do you have the skills that will enable you to succeed in this role? We'd love to work with you if you have:

• CCSP, CISSP, CISA or similar certifications (Required)
• Familiarity with industry frameworks, and Financial Banking Regulations (NIST CSF, FFIEC IT Handbooks, OSFI B-13, CSA CCM etc.)
• Enthusiasm for cloud transformation and cloud platform enablement especially from an IT Risk Management perspective
• Experience within an Agile Development environment while balancing Waterfall methods of managing Projects
• Strong breadth and experience on understanding of the 1B role within Risk Management pillars across the bank
• At least 5+ years of experience with Microsoft Azure
• At least 5+ years of experience with virtualized environments (VMWare, Virtual Servers)
• At least 7+ years of experience managing bank wide programs across the 3 lines of defense
• Self-Starter with a vision in understanding their role in the Bank and its impact
• Good oral and written communication skills
• Able to work with ambiguity and self-sufficient
• Attention to detail and high standards for quality
• Writing and maintaining related documentation.

What's in it for you?

• Diversity, Equity, Inclusion & Allyship - We strive to create an inclusive culture where every employee is empowered to reach their fullest potential, respected for who they are, and are embraced through bias-free practices and inclusive values across Scotiabank. We embrace diversity and provide opportunities for all employee to learn, grow & participate through our various Employee Resource Groups (ERGs) that span across diverse gender identities, ethnicity, race, age, ability & veterans.
• Accessibility and Workplace Accommodations - We value the unique skills and experiences each individual brings to the Bank and are committed to creating and maintaining an inclusive and accessible environment for everyone. Scotiabank continues to locate, remove and prevent barriers so that we can build a diverse and inclusive environment while meeting accessibility requirements.  
• Upskilling through online courses, cross-functional development opportunities, and tuition assistance. 
• Competitive Rewards program including bonus, flexible vacation, personal, sick days and benefits will start on day one.
• Community Engagement - no matter where you choose to work from; we offer opportunities for community engagement & belonging with our various programs such as hackathons, contests, Humans of Digital and much more

Location(s):  Canada : Ontario : Toronto 

Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.  

At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.