Senior Manager, Risk

Requisition ID : 201510

Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.

The Senior Manager , Risk contributes to the overall success of first line Technology as well as ICRM ensuring specific individual goals, plans, initiatives are executed / delivered in support of IT&S and the businesses strategies and objectives.

You will build robust IT Risk related controls and processes and ensure they are maintained and adhered to in the assigned IT portfolio.

Is the role right for you?

• Champion a customer focused culture, share knowledge amongst peers to drive synergies, consistency and reduce duplicative cross-portfolio effort.
• Support the portfolio Director in providing the 1st Line of Defense (1B) function in technology with ongoing guidance to support the implementation of, and compliance to, established IT Standard, Policies, Procedures, regulatory and cyber requirements through active engagement, guidance and counselling.
• Provide direction to the 1st Line of Defense (1A) teams, Risk owners, to build their capability to identify, assess, mitigate and monitor risks associated with their use of information and IT systems.
• Support portfolio Director with advisory services, works with the 1A risk owners and other risk groups or advisors in various business areas (Internal Controls, Audit, Cyber Security, Privacy) to spearhead the facilitation and execution of risk management activities.
• Identify, assess, prioritizes and report on IT risk for relevant business areas. Support risk assessments, Risk Control Self-Assessments (RCSAs) and ensure observations, issues and outputs are recorded in enterprise tools;

support IT risk control testing and monitoring and help Risk Owners with remediation plans.

• Collaborate with the SRO team to Identify, review and triage risk incidents, support root cause analysis.
• Ensure that IT Risk assessments and outputs are recorded in enterprise tools and in full compliance of all policies and common standards, including the IT Risk Management Policy and Framework.
• Support communication regarding new risk controls, frameworks, policies, risk indicators, metrics and limits. When necessary, will perform gap analyses to identify non-compliance and track remediation status.
• Perform analyses of systems or asset data and help prepare monthly / quarterly reporting for senior management, Internal Controls, Operational Risk or 1A stakeholders.
• Monitor performance of KPIs and KRIs. Operationalize programs to improve KRI performance to meet banks risk tolerance.

Support 1A technology team to remediate by tracking and escalating as necessary.

• Support IT Risk Director to conduct control testing to ensure completion as per schedule.
• Evangelize for IT Risk and promote a strong risk culture in partnership with the risk owners.
• Actively pursue effective and efficient operations of his / her respective areas, while ensuring the adequacy, adherence to and effectiveness of day-to-day business controls to meet obligations with respect to operational risk, regulatory compliance risk, AML / ATF risk and conduct risk, including but not limited to responsibilities under the Operational Risk Management Framework, Regulatory Compliance, Risk Management Framework, AML / ATF Global Handbook and the Guidelines for Business Conduct.
• Champion a high-performance environment and implement a people strategy that attracts, retains, develops and motivates their team by fostering an inclusive work environment, communicating vison / values / business strategy and managing succession and development planning for the team.

Do you have the skills that will enable you to succeed in this role?

• Candidates should have a breadth of IT, and / or non-financial Risk management experience (governance, operations, audit, control functions, compliance, risk management) over 5+ years.
• Degree in Computer Science, Engineering, Business Commerce or equivalent experience. Additional relevant Certifications would be an asset - ITIL V3 Foundation Cert.

in ITSM, COBIT, CRISC, CISSP.

Requires expert IT Risk management experience in 3+ areas including but not limited to systems design, security, availability / stability / resiliency, disaster recovery, third party risk management, change management, release management, audit, regulatory risk, logical access, software currency.

Exposure to cloud controls would be an asset.

Knowledge of Configuration and Asset Management tools. Provide support to assets owners in the onboarding and maintenance of their applications in the tool, monitor processes and the data quality of corresponding portfolio information assets through these tools.

Experience with ServiceNow is a plus.

Candidate requires strong communication (both verbal and written) and intermediate judicious influencing capability, supported by analytical competencies.

Proficient written and verbal communication required at all levels of the organization is essential.

• Knowledge of global banking businesses including related systems, procedures, regulations.
• Ability to balance contesting or conflicting goals of various stakeholders which requires maturity, negotiation and project management, as well as governance skills.
• Strong PPT, Excel, data analytics and visual dashboarding skills expected.
• Knowledge or understanding of Risk / Control frameworks is desirable (ITIL, ISO, COBIT, NIST).

What’s in it for you ?

Diversity, Equity, Inclusion & Allyship - We strive to create an inclusive culture where every employee is empowered to reach their fullest potential, respected for who they are, and are embraced through bias-free practices and inclusive values across Scotiabank.

We embrace diversity and provide opportunities for all employee to learn, grow & participate through our various Employee Resource Groups (ERGs) that span across diverse gender identities, ethnicity, race, age, ability & veterans.

Accessibility and Workplace Accommodations - We value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone.

Scotiabank continues to locate, remove and prevent barriers so that we can build a diverse and inclusive environment while meeting accessibility requirements.

• Upskilling through online courses, cross-functional development opportunities, and tuition assistance.
• Competitive Rewards program including bonus, flexible vacation, personal, sick days and benefits will start on day one.
• Dynamic Ecosystem - Free tea & coffee, universal washrooms, and lots of space for team collaboration.
15 days ago