Title:  Senior Manager, Technology Controls Engineering

Requisition ID: 248853

Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.

Global Technology Control Testing team plays an important role in the Bank’s Three Lines of Defense Framework, providing First Line of Defense for the Enterprise on all technology risk domains, including Cyber Security, Data Privacy, Software Lifecycle Management, Capacity, Incident Management, Disaster and Backup Recovery, Third Party Management, Project Management, and Audit & Regulatory issue remediations.

Senior Manager, Technology Controls Engineering, directly supports the Director, Technology Control Testing to collaboratively assess high risk processes across business lines and manages the execution of the control test exercise(s). This role is part of a strategic and comprehensive IT Risk Management Function within the Global Technology Control Testing team and ensures design and implementation in accordance with regulatory expectations, risk appetite, organizational risk practices and evolving business practices.

The role includes significant coordination and engagement with peers across all business lines and technology functions. This includes 1st, 2nd, and 3rd Lines of Defense for Technology in the execution of risk management activities, inclusive of regular updates, formal reporting and managing remediation commitments identified (e.g. audit findings).

Is this role right for you? In this role, you will: 

• Champion a product-driven and data-centric culture to deepen client relationships and leverage broader Bank systems and knowledge.
• Lead the design and implementation of automated workflows for IT General controls and control walkthroughs, using data analytics to assess control effectiveness and identify opportunities for process improvement.
• Advise and support risk owners in day-to-day risk management activities and execution, focusing on scalable solutions, automation, and actionable insights. Assists risk owners in adhering to policies, frameworks, standards, and guidelines through active engagement, guidance, and counselling. Advises on the design and implementation of controls, and remediation plans to mitigate risk.
• Identify, assess, prioritize, and report on material IT risks for IT and aligned business areas using advanced analytics and visualization tools to drive decision-making.
• Lead internal control reviews of high-risk processes including procedure testing, establishing test plans and test scripts, providing recommendations, and reporting to the Head of Technology COE, incorporating automation and data collection for continuous improvement.
• Drive implementation of a strong IT risk culture in partnership with risk owners and other control functions by promoting the use of data, metrics, and automation.
• Monitor and enhance governance processes such as change management, project management, and architecture reviews by introducing automated controls and data-driven monitoring.
• Collaborate with IT Risk Senior Managers for other business units to improve risk management practices across the enterprise, sharing best practices in automation and data analytics.
• Provide on-going coaching and guidance to less experienced team members to ensure consistent understanding of the overall risk program, KRIs, monitoring plan, and governance structure, while fostering product thinking and data-driven decision-making.

Do you have the skills that will enable you to succeed in this role? We'd love to work with you if you have:

• 8+ years of experience in Technology, IT Risk and/or Technology Operations 
• 5+ years of experience with senior stakeholder management, executive reporting (including dashboards).
• 5+ years in technology risk, software engineering, DevOps, infrastructure, or security engineering.
• Hands-on experience designing, implementing, and automating technology controls (e.g., access management, encryption, monitoring).
• Experience with automation engineering (e.g., scripting, APIs, integration platforms).
• Background in software development, system design, or cloud engineering (AWS, Azure, GCP).
• Deep understanding of infrastructure risk, application risk, and security engineering.
• Familiarity with regulatory frameworks (COBIT, NIST, CIS) and implementing controls to meet compliance requirements.
• Technical project management experience, including architecture reviews and documentation.

What's in it for you?

• Diversity, Equity, Inclusion & Allyship - We strive to create an inclusive culture where every employee is empowered to reach their fullest potential, respected for who they are, and are embraced through bias-free practices and inclusive values across Scotiabank. We embrace diversity and provide opportunities for all employees to learn, grow & participate through our various Employee Resource Groups (ERGs) that span across diverse gender identities, ethnicity, race, age, ability & veterans.
• Accessibility and Workplace Accommodations - We value the unique skills and experiences each individual brings to the Bank and are committed to creating and maintaining an inclusive and accessible environment for everyone. Scotiabank continues to locate, remove and prevent barriers so that we can build a diverse and inclusive environment while meeting accessibility requirements.  
• Upskilling through online courses, cross-functional development opportunities, and tuition assistance.
• Competitive Rewards program including bonus, flexible vacation, personal, sick days and benefits will start on day one.
• Community Engagement - no matter where you choose to work from; we offer opportunities for community engagement & belonging with our various programs such as hackathons, contests, Humans of Digital and much more!

Location(s):  Canada : Ontario : Toronto 

Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.  

At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.