Requisition ID: 228752

Tangerine is Canada's leading direct bank. We offer flexible and accessible banking options, innovative products, and award-winning Client service. The reason why Tangerine employees come to work each day is to help Canadians live better lives. We focus on making a difference in our communities, and that includes our own internal community. It's important to us that our employees feel empowered and enthusiastic about belonging to our Orange culture.

The primary focus for the Manager, IT Risk – Data Protection is to manage Data Risk by providing oversight and advisory services to Tangerine Technology Groups and business lines regarding data protection (DP) control environment based on BNS Data Protection Framework, considering industry best practices and regulatory developments. The role will assist in ensuring structured and unstructured data protection controls are effective, and risks are mitigated accordingly. This individual will report directly to the Director, Technology & Cyber Risk.

Is this role right for you? In this role, you will:

IT Risk Governance

• Maintain the compliance oversight of Scotiabank's security and risk management framework, policies, and standards for managing risks to its information assets and systems.
• Identify, assess, prioritize, and report on material IT risks and aligned business areas. This will require working with various Risk owners and other control function groups.
• Liaise with Scotiabank counterparts to identify evolving requirements.
• Monitor evolving industry best practices, regulatory and legislative requirements.
• Provide 1st Line of Defence functions with ongoing guidance to support the implementation of, and compliance with established IT and security requirements.
• Perform various types of data analysis work and prepare monthly / quarterly reporting.

IT Risk Advisory

• Provide directions to Tangerine's functional teams to build their capability to identify, assess, mitigate, and monitor risks associated with their use of information and IT systems.
• Responsible for planning and delivering compliance with BNS Data Protection Framework. Conduct control testing and track remediation.
• Collaborate with management to develop solutions to improve compliance with Data Protection Controls.
• Leads Data Protection related projects that are multi-jurisdictional in scope and/or involve multi-disciplinary project teams.
• Support implementation of a strong Data Protection culture in partnership with stakeholders across various business lines.
• Develop and maintain standardized processes, templates and guidance documentation related to the activities of the role as needed, striving for efficiency and streamlining.
• Collaborates with multiple technology teams including infrastructure and business teams to assess control and remediation actions on the operating environment and ongoing projects.
• Analyze and respond to risk assessment requests assigned to Technology Risk Team.
• Build positive culture for the management of IT and security risks. Deliver ongoing counsel to risk owners to create IT risk awareness.

IT Risk & Compliance Monitoring

• Establish monthly reporting of KPI dashboard.
• Maintain Tangerine's IT KPIs and KRIs within risk appetite for the IT domains assigned.
• Facilitate and contribute to the preparation of management reporting relating to the responsibilities within the role.
• Lead engagement with Tangerine's 2nd and 3rd Line of Defense function to influence the focus, scope, and criteria for the testing of the Bank's IT risk capabilities.
• On-going monitor and track issues raised by Internal Audit, assist risk owners to ensure remediation is completed within pre-defined timelines and risk is addressed appropriately.

Do you have the skills that will enable you to succeed in this role? We would love to work with you if you have:

• Experience in Technology, Information/Cyber Security, Audit, Compliance, regulatory supervision, consulting, or advisory roles.
• Proficiency in creating engaging presentations, utilizing visual storytelling, and formatting slides effectively, along with experience in delivering presentations to various audiences.
• Understands how the Bank's risk appetite and risk culture should be considered in day-to-day activities and decisions.
• Sound business and technical acumen, with demonstrated agility in learning and ability to quickly become comfortable with unfamiliar businesses areas of technologies.
• Ability to connect programs/projects to broader organizational goals and grasp the key performance drivers of business partners.
• Supports an environment in which the team pursues effective and efficient operations of his/her respective areas in accordance with Scotiabank's Values, its Code of Conduct and the Global Sales Principles, while ensuring adequacy, adherence to and effectiveness of day-to-day business controls to meet obligations with respect to operational, compliance and conduct risk.
• Builds and maintains strong relationships with key contacts within Technology, Operations, and the Business Units to support effective management and delivery of goals for the role.
• Excellent communication (presentation skills, verbal and written). The ability to communicate confidently and clearly on conference calls, in meetings, via email, etc. at all levels of the organization.
• Proven ability to work both independently and within a team environment.
• Must also be proactive and creative, with strong, proven ability to plan and manage competing priorities, as well as ability to recognize and appropriately handle sensitive and confidential information.
• Excellent stakeholder management and influencing / negotiation skills, capable of balancing multiple perspectives, effective at all levels.
• Bachelor's degree in business or science.
• Relevant certification in Security / Risk Management.

What's in it for you?

• Diversity, Equity, Inclusion & Allyship - We strive to create an inclusive culture where every employee is empowered to reach their fullest potential, respected for who they are, and are embraced through bias-free practices and inclusive values across Scotiabank. We embrace diversity and provide opportunities for all employee to learn, grow & participate through our various Employee Resource Groups (ERGs) that span across diverse gender identities, ethnicity, race, age, ability & veterans.
• Accessibility and Workplace Accommodations - We value the unique skills and experiences each individual brings to the Bank and are committed to creating and maintaining an inclusive and accessible environment for everyone. Scotiabank continues to locate, remove and prevent barriers so that we can build a diverse and inclusive environment while meeting accessibility requirements.
• Upskilling through online courses, cross-functional development opportunities, and tuition assistance.
• Competitive Rewards program including bonus, flexible vacation, personal, sick days and benefits will start on day one.
• Community Engagement - no matter where you choose to work from; we offer opportunities for community engagement & belonging with our various programs such as hackathons, contests, Humans of Digital and much more!

Location(s): Canada : Ontario : Toronto

At Tangerine we value the unique skills and experiences each individual brings to the team, and are committed to creating and maintaining an inclusive and accessible environment. If you require accommodation during the recruitment and selection process, please let our Recruitment team know.