Requisition ID: 126368
Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.
Global Technology Control Testing team plays an important role in the Bank’s Three Lines of Defense Framework, providing First Line of Defense for the Enterprise on all technology risk domains, including Cyber Security, Data Privacy, Software Lifecycle Management, Capacity, Incident Management, Disaster and Backup Recovery, Third Party Management, Project Management, and Audit & Regulatory issue remediations.
Senior Manager, Technology Control Testing directly supports the Director Global Testing to collaboratively assess high risk processes across business lines and manages the execution of the control test exercise(s). This role is part of a strategic and comprehensive IT Risk Management Function within the Global Technology Control Testing COE and ensures design and implementation in accordance with regulatory expectations, risk appetite, organizational risk practices and evolving business practices.
The role includes significant coordination and engagement with peers across all business lines and technology functions. This includes 1st, 2nd, and 3rd lines of defense for Technology in the execution of risk management activities, inclusive of regular updates, formal reporting and managing remediation commitments identified (e.g. audit findings).
What Your Role Will Be:
Champions a customer focused culture to deepen client relationships and leverage broader Bank relationships, systems, and knowledge.
Leads IT General controls and automated control walkthroughs and assess controls for effectiveness
Advises and supports risk owners in day to day risk management activities and execution. Assists risk owners in adhering to policies, frameworks, standards and guidelines through active engagement, guidance, and counselling. Advises on the design and implementation of controls, and remediation plans to mitigate risk.
Identifies, assesses, prioritizes, and reports on material IT risks for IT and aligned business areas. This will require working with equivalent Risk Advisors in various business areas.
Lead internal control reviews of high-risk processes including procedure testing, establishing test plans and test scripts, providing recommendations, providing feedback, and reporting to the Head of Technology COE.
Ensures implementation of a strong IT risk culture in partnership with the risk owners and other control functions.
Oversees audit issue remediation to meet the annual enterprise target, and SOX control testing across the portfolio by working with Internal and External Audit.
Monitor effectiveness of portfolio impacting governance processes such as change management, project management and architecture reviews, for enforcing control requirements.
Collaborates with IT Risk Senior Managers for other business units to improve risk management practices across the enterprise.
Provides on-going coaching and guidance to less experienced GO Technology COE staff to ensure there is a consistent understanding of the overall risk program, KRIs, monitoring plan and governance structure.
Skills You Already Have:
Exceptional planning and analytical skills, ability to focus on critical issues
Ability to work collaboratively with teams, and manage team members, across multiple locations in multiple countries.
Ability to develop strong working relationships with partners/stakeholders, and influence change with numerous, cross-functional team.
5+ years of experience in the IT Risk and /or Technology Operations
Experience with the following is recommended: COBIT, CIS, and NIST frameworks. Exposure to SOX requirements
Need experience in a wide area of risk controls such as infrastructure risk, application risk. PM reporting/status skills to prepare status of IT control framework to senior management
Knowledge and experience in at least 5 technology disciplines, such as software development, API management, system design, information security, technology resilience, technology third party management, cloud computing, midrange and mainframe computing, project management, incident - problem - change management, networks and disaster recovery.
Certified Information Systems Auditor (CISA) and Certified in Risk and Information System Control (CRISC) are desirable.
Location(s): Toronto || Canada : Ontario : Mississauga || Canada : Ontario : Toronto
Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.
At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.