IT Risk Director, Global Wealth Management
Job Overview
Job title: IT Risk Director, Global Wealth Management
Company: Scotiabank
Job description: Requisition ID: 97019
Join the Global Community of Scotiabankers to help customers become better off.
The Global Wealth Management Technology IT Risk Advisory team plays an important role in the Bank’s Three Lines of Defense Framework, providing First Line of Defense for the Global Wealth portfolio on all technology risk domains, including Cyber Security, Data Privacy, Software Lifecycle Management, Capacity, Incident Management, Disaster and Backup Recovery, Third Party Management, Project Management, and Audit & Regulatory issue remediations.
The Director, IT Risk (CIO Risk Advisor) directly supports the CIO/Senior Vice-President, Global Wealth Management Technology, to collaboratively assess, analyze and quantify technology risk, design controls and assist in their implementation and testing within the business line. This role is part of a strategic and comprehensive IT Risk Management Function within the Technology First Line of Defence, and ensures design and implementation in accordance with regulatory expectations, risk appetite, organizational risk practices and evolving business practices.
The role includes significant coordination and engagement with peers in Global Wealth Management 1st line of defense and 2nd and 3rd line of defense for Technology in the execution of risk management activities, inclusive of regular updates, formal reporting and managing remediation commitments identified (e.g. audit findings).
Major Accountabilities:
- Advises and supports risk owners in day to day risk management activities and execution. Assists risk owners in adhering to policies, frameworks, standards and guidelines through active engagement, guidance and counselling. Advises on the design and implementation of controls, and remediation plans to mitigate risk.
- Acts as a primary interface and conduit between the risk owners and other risk groups to lead the facilitation and execution of risk management activities.
- Compiles and (where applicable) presents risk update reports for various risk groups, including technology risk updates to the monthly Global Wealth Management Core Risk Committee (CRC) and Technology Risk Council.
- Identifies, assesses, prioritizes and reports on material IT risks for IT and aligned business areas. This will require working with equivalent Risk Advisors in various business areas. Ensures outputs are recorded in the enterprise Global Issue Management system and in full compliance with all policies and common standards, including the IT Risk Management Policy and Framework.
- Ensures implementation of a strong IT risk culture in partnership with the risk owners and other control functions.
- Monitors, tracks, and manages technology risk indicators for the Global Wealth Management portfolio.
- Manage the overall remediation plans, including any specific “path to green” plans for applicable risk domains.
- Oversees audit issue remediation to meet the annual enterprise target, and SOX control testing across the portfolio by working with Internal and External Audit.
- Partner with Business Internal Control team on Operational Control Self-assessments to conduct risk assessments of key applications/systems supporting key business processes.
- Manage technology risk and control self assessments for the Global Wealth Management portfolio.
- Perform identified thematic risk review assessments for the Global Wealth Management portfolio.
- Conduct New Initiative Risk Assessments (NIRA) for applicable initiatives and provide consulting on technology risks as applicable.
- Identify pervasive technology risk issues or issues that are common across the landscape.
- Performs control testing and monitoring as applicable.
- Review and contribute to technology policies and standards under development or review, as applicable.
- Monitor effectiveness of portfolio impacting governance processes such as change management, project management and architecture reviews, for enforcing control requirements.
- Engage in business integration projects to ensure all appropriate technology controls and processes are implemented; and enable the implementation of appropriate technology controls and processes in non-integrated subsidiaries.
- Collaborates with IT Risk directors for other business units to improve risk management practices across the enterprise.
- Builds a high-performance environment and implements a people strategy that attracts, retains, develops and motivates their team by fostering an inclusive work environment and using a coaching mindset and behaviors; communicating vision/values/business strategy; and managing succession and development planning for the team.
Functional Competencies:
- Candidates require strong leadership, communication and strategic influencing capability, supported by well-developed analytical and strategic thinking competencies.
- Strong ability to balance competing or conflicting goals of various departments and stakeholders which requires a mature, diplomatic approach and highly developed negotiation and influencing skills.
- Strong ability to challenge leadership team especially when there is a need to balance control and compliance priorities with competing objectives.
- Good communication, facilitation and presentation skills for developing communication strategies for Executive approval through to implementation of strategies and programs.
- Ability to work collaboratively with teams, and manage team members, across multiple locations in multiple countries.
Education/Experience:
- Knowledge and experience in at least 5 technology disciplines, such as software development, API management, system design, information security, technology resilience, technology third party management, cloud computing, midrange and mainframe computing, project management, incident – problem – change management, networks and disaster recovery.
- Knowledge of wealth management and asset management business is desirable.
- Experience in other risk management roles (across any line of defence) is desirable.
- Experience in managing remediation programs is desirable.
- Data Analytics and Visual dashboarding skills (PowerBI/Tableau) are desirable.
- Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP) and Certified in Risk and Information System Control (CRISC) are desirable.
Location(s): Canada : Ontario : Toronto
As Canada’s International Bank, we are a diverse and global team. We speak more than 100 languages with backgrounds from more than 120 countries. Our employees are committed to a superior customer experience and use the Bank’s six guiding sales practice principles to ensure they act with honesty and integrity.
At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please . Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.
Expected salary:
Location: Toronto, ON
Job date: Sat, 13 Feb 2021 06:50:37 GMT