Requisition ID: 209734
Salary Range: 174,700.00 - 286,000.00
Please note that the Salary Range shown is a guideline only. Salary offered may vary based on factors, including, but not limited to, the successful candidate’s relevant knowledge, skills, and experience.
Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.
Global Banking and Markets
Global Banking and Markets (GBM) is a leading Canadian Capital Markets and Investment Banking business with a growing platform in the US and Latin America, operating globally for over 100 years. Scotiabank’s strong U.S. presence provides our clients an important bridge to this key global market for trade and investment flows across the Americas and the world.
Global Banking & Markets provides a full range of investment banking, credit and risk management products and services relevant to the financing and strategic development needs of our clients. Our products include debt and equity financing, mergers & acquisitions, corporate banking, institutional equity sales, trading and research, fixed income products, derivatives, energy, foreign exchange and precious & metals. We also cross-sell the full range of wholesale products and services offered by the Scotiabank Group.
Be part of an innovative, Global Capital Markets and Investment Banking business with a unique geographic footprint that puts capital to work for our clients across industries! We work together to drive ambition for every future!
Purpose
The Director, GIAM (Global Identity & Access Management) IAM risk and regulatory service delivery will lead the regulatory reporting for the IAM workstream, standard measurement and adherence, centralized exception management, support for compliance testing and regulatory responses, and develop compliance measurements and risk thresholds to accelerate risk reduction and improve regulatory compliance across Scotiabank. This transformation requires a dynamic leader who can engage horizontally across multiple lines of business, CIO technology teams, and all three lines of defense.
The role will have oversight of account lifecycles and tightly define mandatory and preferred controls. This role will also work with the IS&C governance team to update authentication and access management standards and accompanying procedures and policies, as required, to ensure clarity of accountability. In addition, this role will partner closely with central security governance services to define metrics and risk thresholds. This role will also interface with the bank’s regulatory relations team to prepare responses and meetings.
The incumbent will lead the development of a regulatory response and compliance program for Identity and Access Management.
What You’ll Do
Develop a Strategy for IAM Governance and the Bank’s IAM On-boarding Roadmap
- In partnership with IAM Product and Architecture, provide governance for IAM solutions and initiatives across global channels.
- Develop mandatory and optional controls for application, platform and human adoption.
- Contribute to the Enterprise IAM technology roadmap and recommend capabilities for engineering and implementation.
- Work with existing governance teams to author standards that inform accountability and enable proper risk management and governance.
- Work with standards and governance partners to develop a gap analysis and develop adoption expectations, impacts, and compliance dates.
Partner with CIO Partners and Business Channels, teams to develop a control program and drive control adoption
- Chair the newly formed Identity and Access Management Cross-Functional Leadership Council.
- Establish strong partnerships with channels and service communities accountable for building and integrating into IAM services.
- Facilitate, influence, and govern to institute best practices defined through security engineering and enterprise IAM patterns, designs, and implementation blueprints.
- Work with risk partners to share subject matter expertise, representing IAM on cross-functional transformational programs, to drive priorities and risk reduction.
Partner with Enterprise Security Services, Cybersecurity Operations, Enterprise Platforms, Architecture, and Corporate Security
- Fortify alignment between access management standards and control adoption.
- Support cybersecurity operations on anomalies and potential insider incident investigation.
- Partner with enterprise data enablement and architecture teams on global identity strategy, focusing on risk measurement and controls.
Drive Continuous Evolution of IAM Control Improvements and Risk Reduction
- Development with IAM Engineering, risk partners, CIO teams, platform leaders, regional CISOs, and all lines of defense on continuous enhancement and risk reduction.
- Participate in audits where IAM is engaged either directly or tangentially in support of other teams.
- Work with Control Testing teams to develop appropriate tests and plug control gaps expeditiously when found.
- Contribute to regulatory meeting materials and attend to represent if required.
People Leader
- Lead a dynamic department of security business analysts, onboarding professionals and technical operators of ~5 FTEs and scaling bench of contractors and vendors if required.
- Participate in risk committees and steering councils to represent Identity and Access Management incorporated into enterprise decisions.
- Participate in major policy and governance initiatives as the access management subject matter expert (e.g., standard updates, regulatory materials).
What You’ll Bring
- University degree, preferably in Cybersecurity, Engineering, Computer Science or related field, and a minimum of 10 years’ experience in Information Security leadership roles, with at least 5 years leading a Security function in a complex, global organization. 5 years with experience building and running enterprise programs. Financial services and, specifically, banking experience is highly desired.
- Detailed knowledge of, and experience working with, one or more formal security frameworks. Detailed knowledge of Canadian and US security regulations is highly desired.
- Demonstrated ability to lead global teams in a highly complex and matrixed organization. Ability to lead through influence, excellence and example is essential to success.
- Strong leadership and collaboration skills. Excellent oral and written communication, ability to present confidently to senior executives, attention to detail and strong planning and management ability.
- The incumbent must be a very strong leader, with demonstrated ability to lead diverse teams and build and maintain credibility with technical and non-technical stakeholders, alike. Deep knowledge of relevant technologies must be combined with the ability to lead highly technical teams, strong business acumen and excellent communication and listening skills.
- The incumbent should have experience as a key partner in global technology transformation efforts, demonstrating the ability to inspire and align diverse points of view, drive efficient and effective decision-making, and to deliver and support a robust information security governance framework.
- Deep and broad knowledge of enterprise and security technologies is expected. Specific strong knowledge and experience with identity, common hosting, storage and networking technologies, as well as cloud, is required.
- The incumbent should have experience delivering excellent results in a large, complex and global environment with a mix of emerging, current and legacy technology. Familiarity and direct experience with outsource delivery models is essential, and experience with successful repatriation of services is highly desired.
- Experience with and knowledge of formal project management methodologies is desired.
- English fluency required, Spanish ability a plus.
Interested?
If your experience is closely related but doesn’t align perfectly with every qualification, we do encourage you to apply - you might be the right candidate for this or other roles at Scotiabank!
At Scotiabank, every employee is empowered to reach their fullest potential, respected for who they are and, embraced for their differences. That’s why we work to grow and diversify talent and engage employees in a performance-oriented culture.
What's in it for you?
Scotiabank wants you to be able to bring your best self to work – and life, every day. With a focus on holistic well-being, our many flexible benefit programs are designed to help support your unique family, financial, physical, mental, and social health needs.
Location(s): United States : New York : New York City
Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.
At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.