Requisition ID: 226255
Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.

Position: Vice President, Internal Control - Business Line CIOs

Business Line: Office of the Chief Information Officer

The Vice President, Internal Control – Business Line CIOs is a senior-level role responsible for overseeing the internal control framework across Technology and Cybersecurity functions within the bank. As a key member of the 1st Line of Defense (1B), this role ensures that effective internal controls are embedded in day-to-day operations to manage operational, cyber, and technology risks. The VP will work closely with Business Line Chief Information Officers (CIOs), and senior risk stakeholders to support regulatory compliance, risk mitigation, and audit readiness.

This role is critical in fostering a proactive control culture that aligns with the bank's enterprise risk management framework, internal policies, and evolving regulatory expectations.

Accountabilities

Internal Control Oversight (1B Accountability):

• Serve as the 1B control lead for the bank's Technology and Cybersecurity functions.
• Ensure ownership and execution of internal controls remain within the business, with clear accountability for the identification, assessment, mitigation, and ongoing monitoring of operational risks.
• Maintain a robust control environment that supports regulatory compliance (e.g., OSFI E-21, FFIEC, NIST CSF, SOX, Basel Operational Risk Framework).
• Champion a risk-aware culture and drive consistent adoption of internal control standards and practices.

Governance, Risk & Compliance:

• Establish and oversee control governance routines with Technology, Cybersecurity, Risk, and Compliance leadership
• Escalate key control issues, emerging risks, and trends to senior management and governance forums.
• Partner with Enterprise Risk and Internal Audit to align on risk assessment outcomes and develop risk mitigation strategies
• Support the execution of Risk and Control Self-Assessments (RCSA) and ensure timely resolution of identified gaps.

Issue & Incident Management:

• Lead and coordinate root cause analysis for control failures, risk events, and audit findings.
• Oversee the development and execution of remediation plans, ensuring timely and sustainable resolution.
• Maintain transparent tracking and reporting of control issues and their resolution status.

Control Testing & Monitoring:

• Drive design effectiveness and operating effectiveness testing of controls across the Technology and Cybersecurity portfolios.
• Implement key risk indicators (KRIs), control indicators, and dashboards to measure performance and highlight areas of concern.
• Continuously monitor control environment changes and proactively adapt controls to new risks and business initiatives.

Change Risk & Project Advisory:

• Provide internal control guidance and oversight for technology transformation initiatives, system implementations, and cybersecurity enhancements.
• Ensure risk and control considerations are embedded in project governance, change delivery, and business-as-usual processes

Education & Experience

• 10-15 years of Technology Risk and Controls management experience (governance, operations, and management)
• In-depth knowledge of regulatory requirements impacting financial institutions
• Proven strong leadership, communication and strategic influencing capability, supported by well-developed analytical and strategic thinking competencies.
• Expert Technology Risk and Controls management experience; systems design, change management, release management, security services.
• Expert knowledge of multiple global businesses including related systems and procedures.
• Expert ability to balance competing or conflicting goals of various departments and stakeholders which requires a mature, diplomatic approach and highly developed negotiation and influencing skills.
• Excellent communication, facilitation, and presentation skills for developing communication strategies for Executives.
• An ability to anticipate future events, trends, problems and opportunities, and perceive patterns as they emerge.
• Professional certifications such as CPA, CIA, CISA, CISSP, CRISC, or equivalent preferred.

Working Conditions

Work in a standard office-based environment; non-standard hours are a common occurrence. Limited travel domestically and globally required at times.

Location(s): Canada : Ontario : Toronto
Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.
At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.