IT Risk Lead

The role

You support the Director, Technology Internal Controls in achieving GTEP’s top priorities of IT Risks more specifically IT Issues Management by collaboratively assessing, analyzing and quantifying IT risk, designing controls and assisting in their implementation. It is part of a strategic and comprehensive IT Risk Management cross‑functional organization, ensuring control implementation in accordance with regulatory expectations, risk appetite, organizational risk practices and evolving business practices.

You will be working with colleagues & constituents across the Scotiabank footprint. Collaboration technologies, such as MS Teams, will be at your disposal to connect with Scotia bankers around the globe.

• You are prepared to act in the line of defence as Technology Internal Controls (1B) to ensure implementation of initiatives in accordance with regulatory expectations, risk appetite, organizational risk practices and evolving business practices.
• You collaborate with Risk Owner (1A) teams, risk owners, to build their capability to identify, assess, mitigate, and monitor risks associated with their use of information and IT systems.
• You have no hesitation to act as a primary interface and conduit between the risk owners and other lines of defence including Global Risk Management, internal audit, external audit, equivalent risk advisors, and regulators in various business areas to oversee the facilitation and execution of risk management activities.
• You are adept in identifying, assessing, prioritizing, and reporting on material risks for IT and aligned business areas. Conduct risk assessments and ensure observations, issues and outputs are recorded in enterprise tools; support IT risk control testing and monitoring and help risk owners with remediation plan.
• You are eager to monitor IT risk Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) and develop or manage programs to established performance within bank risk tolerance. Prioritize risk activities, ensure timely remediation, and escape when necessary.
• You embrace the coordination of control testing. Facilitate evidence collection and escape conflicts or roadblocks to relevant Subject Matter Expert (SME) to ensure control testing is completed as per schedule. Prepare quarterly regulatory attestations.

• You can demonstrate solid communication (verbal/written) skills in English. The same in Spanish is preferred. Furthermore, your ability to communicate confidently and clearly on conference calls, in meetings, via email, etc. at all levels of the organization is essential.
• You have at least 7+ years of hands‑on working experience in IT and risk management functions at a financial services organization (areas of focus could be in governance, operations, internal/external audit, control functions, compliance, risk management, or risk consulting).
• You possess proven management and strategic influencing capability, supported by well‑developed logical and strategic thinking capabilities.
• You have a good track record on balancing conflicting priorities of various departments and stakeholders, which requires a mature, diplomatic approach and highly developed negotiation and influencing skills.
• You can demonstrate an ability to establish and maintain healthy relationships with different stakeholders (risk owners, oversight, audit, etc.) for a more effective collaboration.
• You have experience using tools such as Excel, Power
  
  BI, or SQL to aggregate, summarize and analyze data to produce insightful dashboards helping stakeholders to focus on problem areas.
• A solid asset to have:
  1) ability to identify key priorities and multitask; and
  2) strong understanding of infrastructure risks.

• Diversity, Equity, Inclusion & Allyship – We strive to create an inclusive culture where every employee is empowered to reach their fullest potential, respected for who they are, and are embraced through bias‑free practices and inclusive values across Scotiabank. We embrace diversity and…