Senior Manager Cyber Security and IT Risk
Requisition ID: 74445
Join the Global Community of Scotiabankers to help customers become better off. Purpose
Contribute to the overall successful development and execution of a second line of defense program for Cyber Security and IT risk. Perform assessments of risk management practices carried out by the first lines of defense, carries out quantitative analysis of threat and vulnerability scenarios which may impact global IT systems operation as well as business processes supporting the Bank's multiple delivery channels, ensuring all operates within the Bank's risk appetite levels.
Delivers, challenge and perform independent assessment and oversight of risk management practices carried out by the first line of defence.
Ensure that the Bank's processes and controls relating to Cyber Security and IT Risks are sufficient to comply with regulatory requirements, internal policies and standards. Key Accountabilities
Education / Experience
- Collaborates with internal and external partners to ensure information sharing and support complementary and contrasting risk oversight initiatives as appropriate.
- Guides IT, Security and other control functions on Cyber Security and IT Risk management processes, systems and procedures; reviews and provides advice relating to policies frameworks, standards and control objectives
- Delivers objective evaluation and oversight of risk management practices carried out by the first line of defence to ensure that the Bank's processes and controls relating to Cyber Security and IT Risks are sufficient to maintain the consistent operation of systems, the continuous availability and integrity of data and the confidentiality of sensitive information.
- Promote a culture of Cyber Risk awareness across the organization.
- Effectively challenging the technology and business unit's first line of defense assessment, risk acceptances, exceptions, issues and remediation plans in support of the risk control practices.
- The ability to manage cyber security projects, meet deadlines and manage stakeholder expectations.
- 5+ years experience in consulting and advisory roles. Experience in the Security and Information Technology Industry.
- 5+ years of experience with IT Operations, Information/Cybersecurity risk experience. Subject matter expertise is an asset.
- Demonstrated ability to analyze complex data in order to arrive at succinct messages and conclusions.
- Excellent interpersonal, leadership and relationship-building skills to deal with senior levels of management, local and remote business partners and regional risk teams.
- Experience using COBIT, ITIL and other IT Operation specific industry frameworks. Experience using of GRC risk management tools. Professional certifications and membership of associations such as CRISC, CISA, CISSP, CISM, etc. are an asset.
- Must have a proven demonstrated practice in leading and executing change initiatives
- Experience with statistical modeling and data science methods, including Bayesian methods. Experience programming in statistical languages such as Python, R, or Matlab
- Master's degree or higher in science, technology, engineering, or mathematics is an asset
- Bilingual in Spanish with superior oral and written skills is an asset.
- Military experience is an asset.
Location(s): Canada : Ontario : Toronto
As Canada's International Bank, we are a diverse and global team. We speak more than 100 languages with backgrounds from more than 120 countries. Our employees are committed to a superior customer experience and use the Bank's six guiding sales practice principles to ensure they act with honesty and integrity.
At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here . Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted. Job Segment:
Risk Management, Consulting, Law, Cyber Security, Finance, Security, Technology, Legal