Title:  Senior Manager, Technology Risk and Control Self-Assessment

Requisition ID: 256436 

Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.

The Senior Manager of Technology Risk & Control Assessments will play a critical role in the hands-on execution of the Risk and Control Self-Assessment program across Technology. Reporting to the Director of Technology RCSAs, this role will lead the operational delivery of RCSAs, working closely with team members and First Line partners to ensure timely, accurate, and high-quality assessments. This role partners with technology leadership, risk management teams, and control owners to identify, assess, and mitigate technology risks while ensuring alignment with the bank’s enterprise risk management framework, regulatory expectations, and industry standards. The Senior Manager will lead deep-dive technology risk assessments, evaluate the effectiveness of controls, challenge risk assessments from the first line of defense, and deliver risk insights to senior management and risk governance committees.  The ideal candidate is detail-oriented, collaborative, and skilled at managing multiple priorities in a fast-paced environment

Is this role right for you? In this role, you will:

• Lead end to end execution of Technology RCSA activities across critical systems, platforms, and critical business services.
• Own facilitation of risk identification, inherent risk assessment, control mapping, and residual risk determination for technology processes and services.
• Perform deep dive assessments to evaluate control design and operating effectiveness across key technology domains (e.g., access management, change management, resiliency, third party risk).
• Identify control gaps, emerging risks, and systemic issues, and drive clear remediation actions to reduce operational and cyber risk exposure.
• Partner closely with First Line Technology teams to gather risk and control data, validate assessment outcomes, and reinforce ownership of risks and controls.
• Provide oversight, coaching, and quality assurance to junior team members during RCSA execution.
• Contribute to the continuous improvement of RCSA methodologies, tools, and procedures to enhance consistency, efficiency, and risk insight.
• Participate in technology risk governance forums and working groups, supporting effective escalation and decision making.
• Coordinate with Second and Third Line teams to support review, challenge, and alignment of RCSA outcomes.
• Track issues, action plans, and remediation activities resulting from RCSAs, incidents, and regulatory findings, and support sustainable closure.
• Deliver clear reporting on RCSA progress, key findings, and emerging risk themes, including concise summaries for senior management and governance committees  

Do you have the skills that will enable you to succeed in this role? We'd love to work with you if you have:

• Hands-on experience executing risk assessments or similar governance processes.
• A minimum of 8+ years of experience in technology departments and/or risk management, preferably in a financial institution
• Industry certifications desirable (e.g. CISSP)
• Advanced knowledge of relevant regulatory rules (OSFI, FFIEC, NYDFS 500) and frameworks (NIST, COBIT) is preferred
• 8+ years of experience or equivalent expertise in technology risk management, information security, or a related field, with a focus on risk assessment and control evaluation
• Demonstrated expertise in regulatory compliance, risk management frameworks, and industry best practices (e.g., NIST, ISO, FFIEC, GDPR)
• Proficiency in data security, risk management & controls, security governance, and analytical thinking, with a track record of implementing effective risk mitigation strategies
• Bachelor’s degree in Information Systems, Computer Science, Risk Management, or related field.
• Advanced knowledge of data analytics and data literacy

What's in it for you? 

• Diversity, Equity, Inclusion & Allyship - We strive to create an inclusive culture where every employee is empowered to reach their fullest potential, respected for who they are, and are embraced through bias-free practices and inclusive values across Scotiabank. We embrace diversity and provide opportunities for all employee to learn, grow & participate through our various Employee Resource Groups (ERGs) that span across diverse gender identities, ethnicity, race, age, ability & veterans.
• Accessibility and Workplace Accommodations - We value the unique skills and experiences each individual brings to the Bank and are committed to creating and maintaining an inclusive and accessible environment for everyone. Scotiabank continues to locate, remove and prevent barriers so that we can build a diverse and inclusive environment while meeting accessibility requirements.  
• Upskilling through online courses, cross-functional development opportunities, and tuition assistance. 
• Competitive Rewards program including bonus, flexible vacation, personal, sick days and benefits will start on day one.
• Community Engagement - no matter where you choose to work from; we offer opportunities for community engagement & belonging with our various programs such as hackathons, contests, Humans of Digital and much more!

Location(s):  Canada : Ontario : Toronto 

Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.  

At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our  Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.