Requisition ID: 228566
Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.

The Team

The IT Risk Technology Regulatory Compliance Team plays an important role in the Bank's technology and security compliance risk management by implementing the IT&S Regulatory Compliance Management (RCM) Framework in accordance with the regulatory requirements of OSFI's Guideline E13 and in conjunction with the Bank's overall Regulatory Compliance Program. The Technology Regulatory Compliance Team works closely with Global Compliance, IT Risk Advisory teams and front-line technology and security teams in IT&S to providing First Line of Defense for all technology compliance risk domains including IT Governance, IT Risk, Cyber Security, Information Security, Infrastructure, Network and IT Operations, and Software Development and Change Management to ensure overall technology regulatory compliance.

The Role:

You proactively support the Director, Technology Regulatory Compliance to enable the RCM activities, develop a Target Operating Model, an interaction model as well as implementation roadmap & detailed plans to prioritize and execute multiple workstreams to achieve full technology regulatory compliance.

Is this role right for you? In this role you will:

• Identify regulatory obligations and controls according to the technology compliance risk domain(s) assigned to you. This will require working with technology and security Risk Owners across Technology and Digital Banking Senior Vice Presidents (SVPs), Chief Information Officers (CIOs), and Chief Information Security Officer (CISO) & SVP Information Security & Control teams.
• Collaborate and work closely with Business Lines (BLs)/Corporate Function (CFs) partners and technology teams to document controls and map to the technology obligations embedded in business specific regulations for enterprise-level controls.
• Proactively maintain the regulatory library on an ongoing basis by updating the obligations as well as related control documentation and accurate mapping of the correct controls to the obligations.
• Regularly assess inherent risk, control strength and evaluate residual risk.
• Work actively with the global team of risk professionals to develop a technology and security control testing methodology and develop/identify the right tools to assist the execution of testing activities.
• Create and maintain effective reporting and analytics on the compliance measures to monitor and drive compliance gap remediation.
• Proactively identify opportunities to improve effectiveness and enhancements of risk identification and management policies and processes.
• Partner with other risk groups and contribute to the ongoing update and enhancement of controls, frameworks, policies, risk indicators and metrics.
• As needed, collaborate and appropriately challenge the technology and security teams in the assessment of the effectiveness of controls to mitigate regulatory obligations as well as the remediation of control gaps.
• As needed, coordinate with technology and security teams and the testing team to develop and execute testing activities.

Do you have the skills that will enable you to succeed in this role? We'd love to work with you if you have:

• BA or Postgraduate degree or LL. B with a minimum of 5 years of relevant combined experience in Compliance, Legal or other Control Functions (Audit, Risk, etc.).
• You have strong knowledge in regulatory and industry frameworks, guidelines and standards, governing the management of technology systems and information security (OSFI, COBIT, NIST, ITIL etc.) A Law degree would be a strong asset.
• Experience in interpreting Information technology and security regulatory rules is an asset.
• Great relationship manager and collaborator with solid communication (verbal/written) skills in English. The same in Spanish is a strong asset.
• Possess at least 5 years of demonstrated hands-on experience with risk management, governance, control or audit function.
• Keen on keeping current with emerging trends, best practices, directions and issues in information technology and security and global regulatory developments.
• A bachelor's degree and work experience in IT Risk, IT governance, 3rd party risk management, Information security or IT operations environment, or in a governance function related to Software Development, Infrastructure Operations, Information Security will be a strong asset.
• Relevant certifications of or active pursuit for Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP) are desirable.

What's in it for you?

• Diversity, Equity, Inclusion & Allyship - We strive to create an inclusive culture where every employee is empowered to reach their fullest potential, respected for who they are, and are embraced through bias-free practices and inclusive values across Scotiabank. We embrace diversity and provide opportunities for all employee to learn, grow & participate through our various Employee Resource Groups (ERGs) that span across diverse gender identities, ethnicity, race, age, ability & veterans.
• Accessibility and Workplace Accommodations - We value the unique skills and experiences each individual brings to the Bank and are committed to creating and maintaining an inclusive and accessible environment for everyone. Scotiabank continues to locate, remove and prevent barriers so that we can build a diverse and inclusive environment while meeting accessibility requirements.
• Upskilling through online courses, cross-functional development opportunities, and tuition assistance.
• Competitive Rewards program including bonus, flexible vacation, personal, sick days and benefits will start on day one.
• Community Engagement - no matter where you choose to work from; we offer opportunities for community engagement & belonging with our various programs such as hackathons, contests, Humans of Digital and much more!

Location(s): Canada : Ontario : Toronto
Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.
At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.