Global Head , Technology Risk Officer (TRO)
City : Toronto, ON, CA, M5H1H1
Category : Computer Security Specialists
Industry : Financial Services/Banking
Employer : Scotiabank
Requisition ID: 209055
Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.
Attention Risk Leaders!!!! Do you consider yourself an expert in Technology Risk i.e. Cyber, Digital and IT Risk, assessing risk, ensuring remediations, recommending controls and have experience leading a large team? Love to engage with business and technology leaders globally and work on ensuring trust for our customers and employees ? We at Scotiabank are looking for you to build robust technology risk related controls and processes and ensure they are maintained and adhered to within our Wealth Management Technology portfolio. In this role you will directly support the Technology Risk leadership as well as the SVP/CIO to collaboratively assess, evaluate and remediate technology risk, design controls and assist in their implementation at a global scale.
This role is great for you , if you can
- Champion a customer trust focused culture to deepen relationships with Sr. leadership, peers, and functional groups by leveraging Technology risk expertise.
- Provide direction to 1st Line of Defense (1A) teams, Risk owners, to build their capability to identify, assess, mitigate and monitor risks associated with their use of information and IT systems.
- Provide the 1st Line of Defense (1B) function in technology with collaborative guidance to support the implementation of, and compliance to, established IT Standard, Policies, Procedures, regulatory and cyber and IT risk requirements through active engagement, guidance and counselling.
- Act as a primary interface and conduit between the 1A risk owners and other risk groups or advisors in various business areas including Privacy, Compliance, Finance, Risk Management to spearhead the facilitation and execution of risk management activities.
- Manage Technology Risk identification, assessment, prioritization for relevant business areas. Ensures observations, issues and outputs are tracked and actioned. Support Technology control testing and monitoring and help Risk Owners with remediation plans.
- Partner with and face other business areas and risk groups to assess, implement and communicate new/updated risk controls, frameworks, policies, risk indicators, metrics and limits.
- Oversee analyses of systems and deliver monthly and quarterly reporting for senior management. Develop reports and presentations to deliver updates on KPIs/KRIs to various audiences, including senior business risk committees. Develop or manage programs to establish KRI performance within the bank’s risk tolerance.
- Prioritize risk activities, ensure timely remediation and escalate when necessary including SOX and BCBS 239 related compliance
- Actively pursue effective and efficient operations of in support of Wealth Management while ensuring the adequacy, adherence to and effectiveness of day-to-day business controls to meet obligations with respect to operational risk, regulatory compliance risk, AML/ATF risk and conduct risk, including but not limited to responsibilities under the Operational Risk Management Framework, Regulatory Compliance Risk Management Framework, and our Code of Conduct.
- Champion a high-performance environment and implement a people strategy that attracts, retains, develops and motivates their team by fostering an inclusive work environment, communicating vison/values/business strategy and managing succession and development planning for the team.
- Creates an environment in which their team pursues effective and efficient operations of their respective areas in accordance with Scotiabank’s Values, its Code of Conduct and the Global Sales Principles, while ensuring the adequacy, adherence to and effectiveness of day-to-day business controls to meet obligations with respect to operational, compliance, AML/ATF/sanctions and conduct risk.
- Builds a high-performance environment and implements a people strategy that attracts, retains, develops and motivates their team by fostering an inclusive work environment and using a coaching mindset and behaviours; communicating vison/values/business strategy; and managing succession and development planning for the team.
- Pursuing Technology, Cyber, Digital and IT Risk control process improvements and the protection of emerging technologies
- Champions a customer focused culture to deepen client relationships and leverage broader Bank relationships, systems and knowledge
- Leads the design and operation of related cyber and compliance monitoring and improvement activities to ensure compliance both with cyber and various technology policies and applicable laws and regulations.
- Provides and maintains technical expertise on security and resiliency aspects of systems, applications, and networks currently resident in the company and those planned for in the future.
- Reviews system development, maintenance and acquisition efforts to ensure efficient and adequate security provisions.
Skills that are required to excel in this role :
- Have a breadth of IT, and/or non-financial Risk management experience (governance, operations, audit, control functions, compliance, risk management) over 7+ years.
- Have a strong leadership, communication (both verbal and written) and judicious influencing capability, supported by well-developed logical and judicious thinking competencies. Proficient written and verbal communication required at all levels of the organization is essential especially in communicating complex technology requirements and expectations to non technology business partners and various committees.
- Requires expert Cyber and IT Risk management experience in 5+ areas including but not limited to; systems design, security, availability/stability/resiliency, disaster recovery, third party risk management, change management, release management, audit, regulatory risk, logical access, software currency. Exposure to cloud controls would be an asset.
- Knowledge of global banking businesses including related systems, procedures, regulations expected. Additional merit awarded for experience in relevant portfolio business line.
- Ability to balance contesting or conflicting goals of various departments and stakeholders which requires a mature, diplomatic approach and highly developed negotiation project management, governance and influencing skills.
- Strong presentation design and delivery as part of the leadership team. Data Analytics and Visual dashboarding would be desirable.
- Knowledge or understanding of Risk / Control frameworks and Cloud is desirable (NIST, CCNA, CISSP, CISM, CISA, ITIL, COBIT etc)
- Advanced degree in Computer Science, Engineering, Business Commerce or equivalent experience.
Location(s): Canada : Ontario : Toronto
Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.
At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.