IT Risk Lead, Scotiabank

Requisition ID: 207475

Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.

Contributes to the overall success of first line Technology as well as IT Risk and Resiliency ensuring specific individual goals, plans, initiatives are executed / delivered in support of IT&S and the businesses strategies and objectives.

Build robust IT Risk related controls and processes and ensure they are maintained and adhered to in the assigned IT portfolio.
Support the Director of IT Risk to collaboratively assess, evaluate and quantify IT risk, design controls and assist in their implementation within the business line.

Is this role right for you? In this role you will:

• Champion a customer focused culture, share knowledge amongst peers to drive synergies, consistency and reduce duplicative cross-portfolio effort.
• Support the portfolio Director in providing the 1st Line of Defense (1B) function in technology with ongoing guidance to support the implementation of, and compliance to, established IT Standard, Policies, Procedures, regulatory and cyber requirements through active engagement, guidance and counselling.
• Provide direction to the 1st Line of Defense (1A) teams, Risk owners, to build their capability to identify, assess, mitigate and monitor risks associated with their use of information and IT systems.
• Support portfolio Director with advisory services, works with the 1A risk owners and other risk groups or advisors in various business areas (Internal Controls, Audit, Cyber Security, Privacy) to spearhead the facilitation and execution of risk management activities.
• Identify, assess, prioritizes and report on IT risk for relevant business areas. Conduct risk assessments, Risk Control Self-Assessments (RCSAs) and ensure observations, issues and outputs are recorded in enterprise tools; support IT risk control testing and monitoring and help Risk Owners with remediation plans.
• Identify, review and triage risk incidents, support root cause analysis.
• Ensure that IT Risk assessments and outputs are recorded in enterprise tools and in full compliance of all policies and common standards, including the IT Risk Management Policy and Framework.
• Support communication regarding new risk controls, frameworks, policies, risk indicators, metrics and limits. When necessary, will perform gap analyses to identify non-compliance and track remediation status.
• Perform analyses of systems or asset data and help prepare monthly / quarterly reporting for senior management, Internal Controls, Operational Risk or 1A stakeholders.
• Monitor performance of KPIs and KRIs. Operationalize programs to improve KRI performance to meet banks risk tolerance. Support 1A technology team to remediate by tracking and escalating as necessary.
• Support IT Risk Director to track and gather evidence of SOX control testing to ensure completion as per schedule.
• Evangelize for IT Risk and promote a strong risk culture in partnership with the risk owners.
• Actively pursue effective and efficient operations of his/her respective areas, while ensuring the adequacy, adherence to and effectiveness of day-to-day business controls to meet obligations with respect to operational risk, regulatory compliance risk, AML/ATF risk and conduct risk, including but not limited to responsibilities under the Operational Risk Management Framework, Regulatory Compliance, Risk Management Framework, AML/ATF Global Handbook and the Guidelines for Business Conduct.
• Champion a high-performance environment and implement a people strategy that attracts, retains, develops and motivates their team by fostering an inclusive work environment, communicating vison/values/business strategy and managing succession and development planning for the team.

Do you have the skills that will enable you to succeed in this role? We'd love to work with you if you have:

• Experience with ITSM tools (ServiceNow, a plus) with strong understanding of SRE and service management principles.
• Knowledge of the Bank's IT Asset management tools (APM), provide support to assets owners in the onboarding and maintenance of their applications in the tool, monitor processes and the data quality of corresponding portfolio information assets through these tools.
• Breadth of IT, and/or non-financial Risk management experience (governance, operations, audit, control functions, compliance, risk management) over 5+ years.
• Candidate requires strong communication (both verbal and written) and intermediate judicious influencing capability, supported by analytical competencies. Proficient written and verbal communication required at all levels of the organization is essential.
• Requires expert IT Risk management experience in 3+ areas including but not limited to systems design, security, availability/stability/resiliency, disaster recovery, third party risk management, change management, release management, audit, regulatory risk, logical access, software currency. Exposure to cloud controls would be an asset.
• Knowledge of global banking businesses including related systems, procedures, regulations.
• Ability to balance contesting or conflicting goals of various stakeholders which requires maturity, negotiation and project management, as well as governance skills.
• Strong PPT, Excel, data analytics and visual dashboarding skills expected.
• Knowledge or understanding of Risk / Control frameworks is desirable (ITIL, ISO, COBIT, NIST).
• Degree in Computer Science, Engineering, Business Commerce or equivalent experience. Additional relevant Certifications would be an asset - ITIL V3 Foundation Cert. in ITSM, COBIT, CRISC, CISSP.

What's in it for you?

• Diversity, Equity, Inclusion & Allyship - We strive to create an inclusive culture where every employee is empowered to reach their fullest potential, respected for who they are, and are embraced through bias-free practices and inclusive values across Scotiabank. We embrace diversity and provide opportunities for all employee to learn, grow & participate through our various Employee Resource Groups (ERGs) that span across diverse gender identities, ethnicity, race, age, ability & veterans.
• Accessibility and Workplace Accommodations - We value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. Scotiabank continues to locate, remove and prevent barriers so that we can build a diverse and inclusive environment while meeting accessibility requirements.
• Upskilling through online courses, cross-functional development opportunities, and tuition assistance.
• Competitive Rewards program including bonus, flexible vacation, personal, sick days and benefits will start on day one.
• Community Engagement - no matter where you choose to work from; we offer opportunities for community engagement & belonging with our various programs such as hackathons, contests, cooking with friends, Humans of Digital and much more!

Working location condition: Hybrid

#LI-Hybrid

Location(s): Canada : Ontario : Toronto

Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.

At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.