Senior Manager, Third-party Technology Resiliency Controls (Hybrid)

Requisition ID: 203480

Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.

Looking for a hybrid role? We have the job for you! Our employees in hybrid roles can alternate between work from home & onsite in the office with the details to be determined, based on business needs.

The team:

Scotiabank's Global Technology & Enterprise Platforms' (GTEP) Technology Resilience Control team provides Internal Controls for the Technology Resilience risk domain in support of the Bank's Third-Party Risk Management (TPRM) Program. The team is responsible for establishing the requirements for third-party IT availability and resiliency capabilities and supporting our contract owners by providing opinion on our vendor's IT availability and resiliency control strength. There are many exciting opportunities to grow in different areas of risk management, and work with many cross-functional teams within the Bank.

The role:

You support the Director, Technology Internal Controls & Regulatory Management in achieving one of GTEP's key focus on Technology Resiliency by collaboratively assessing, analyzing, and quantifying technology risk, designing controls, and assisting in their implementation for our third-party suppliers. As a part of a strategic and comprehensive IT Risk Management cross-functional organization, the role ensures control implementation in accordance with regulatory expectations, risk appetite, organizational risk practices and evolving business practices.

In this role, travel between local Scotiabank locations within the GTA (Scarborough or downtown Toronto) may be required from time to time. Extended working hours may be required occasionally to support key deliverables in support of the Bank's TPRM program.

Is this role right for you?

• You are eager to conduct detailed third-party supplier technology resiliency risk assessments and ensure that technology resiliency due diligence are recorded in enterprise tools and are in full compliance of defined policies and common standards, including the Bank's Global Third Party Risk Management Policy.
• You thrive on evaluating technology resiliency controls and contract language and engage in contract negotiations to ensure the Bank's third parties maintain a technology resiliency posture aligned with industry best practices and our internal controls.
• You are keen to develop a detailed understanding of the Bank's TPRM program, regulatory compliance requirements (e.g., Office of the Superintendent of Financial Institutions [OSFI] B-10, B-13, and E-21 for Canada & Digital Operational Resilience Act [DORA] for European Union), practices, and priorities, specifically as it relates to Technology Resiliency.
• You embrace working with Contract Owners, vendor management offices, and sourcing teams to ensure the Bank's technology resiliency requirements are met through the contracting process.
• You like the challenge to identify pervasive third-party supplier technology resiliency risk issues or issues that are common across the landscape, evaluate mitigating internal controls, and determine residual risks to the Bank.
• You are willing to continuously identify opportunities to improve effectiveness and enhancements of technology resiliency risk identification, management policies and processes.

Do you have the skills that will enable you to succeed in this role?

• You can demonstrate solid communication (verbal/written) skills in English. The ability to do the same in both Spanish & English is preferred.
• You have at least 3+ years of hands-on working experience in information technology risk management, either in an IT operations function, or as a control function (audit or risk management, etc…).
• You have at least 5+ years of hands-on working experience with supplier management processes, such as experience establishing Statements of Work (SOWs), reviewing contractual language, or developing Service Level Agreements (SLAs).
• You are experienced in Third-Party Risk Management (TPRM) procedures, either as a supplier manager and/or in the first-line of defense and/or in a risk oversight function.
• You are willing to learn the regulatory, legislative and industry requirements governing the management of technology systems and information for financial institutions (COBIT® [Control Objectives for Information and Related Technologies]; NIST [National Institute of Standards & Technology]; OSFI B-10, B-13 & E-21; DORA; PCI-DSS [Payment Card Industry Data Security Standard], etc.).
• Your past achievements have demonstrated ability to leverage collaboration and strategic influencing to achieve results.
• Throughout your career, you have demonstrated good ability to balance competing or conflicting goals with a good sense of urgency.

What's in it for you?

• We provide an excellent opportunity to drive technology resiliency improvements through effective third-party risk management across Scotiabank's global footprint to Keep the Bank Safe and Amplify results.
• You'll get to work with and learn from diverse industry leaders, who have hailed from top technology companies around the world.
• We have an inclusive and collaborative work environment that encourages creativity, curiosity, and celebrates success! We foster an environment of innovation and continuous learning.
• We care about our people, allowing them to design how they work to deliver amazing results.
• We offer a competitive total rewards package, including a performance bonus, company matching programs (pension & Employee Share Ownership), generous vacation; health/medical/wellness benefits; employee banking privileges.
• As a part of our Hybrid Work Model, when required to be onsite, our primary office in Scarborough is:
  • Renovated with a design focus on enabling collaboration through both environment and technology.
  • Furnished with an onsite cafeteria that serves hot foods (breakfast & lunch), salads, sandwiches, snacks & hot/cold drinks.
  • Our lounges have TV's, fridges, microwaves, complimentary hot beverage stations & water dispensers.
  • Minutes from the 401 & DVP. Free onsite & offsite employee parking. Charging stations for electric vehicles onsite.
  • Accessible by TTC bus from Eglinton subway station on Line 1 or from Warden subway station on Line 2 or from Kennedy station on Lines 2/3. When it begins to operate, the Eglinton Crosstown Light Rail Transit's Birchmount stop is steps away.
  • Kennedy GO Station on the Stouffville line & Scarborough GO Station on the Lakeshore East line, with connecting TTC buses, can get you to this worksite.

#scotiatechnology

#LI-hybrid

Location(s): Canada : Ontario : Scarborough

Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.

At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.