Requisition ID: 212524
Salary Range: 117,400.00 - 224,700.00
Please note that the Salary Range shown is a guideline only. Salary offered may vary based on factors, including, but not limited to, the successful candidate’s relevant knowledge, skills, and experience.
Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.
Global Banking and Markets
Global Banking and Markets (GBM) is a leading Canadian Capital Markets and Investment Banking business with a growing platform in the US and Latin America, operating globally for over 100 years. Scotiabank’s strong U.S. presence provides our clients an important bridge to this key global market for trade and investment flows across the Americas and the world.
Global Banking & Markets provides a full range of investment banking, credit and risk management products and services relevant to the financing and strategic development needs of our clients. Our products include debt and equity financing, mergers & acquisitions, corporate banking, institutional equity sales, trading and research, fixed income products, derivatives, energy, foreign exchange and precious & metals. We also cross-sell the full range of wholesale products and services offered by the Scotiabank Group.
Be part of an innovative, Global Capital Markets and Investment Banking business with a unique geographic footprint that puts capital to work for our clients across industries! We work together to drive ambition for every future!
Overview
The Information Security and Control (IS&C) Senior Manager will participate and manage various aspects of information security and contribute to the overall success of the U.S. IS&C’s governance, regulatory compliance, and risk program.
This role requires a seasoned professional with a strong background in information security, risk management, cybersecurity/technology risk, disaster recovery and technology resilience, cloud security, SDLC, compliance, policy, and governance. The IS&C Senior Manager will lead, provide advisory, and governance over all technology and cyber functions. The person will also play a pivotal role in reviewing and managing technology and security policies, procedures, and controls to protect the organization's data, systems, and networks.
The role will be expected to work closely with the senior management team to establish and maintain a robust cybersecurity and technology risk management program to proactively safeguard the organization from security threats by ensuring that vulnerabilities are identified, monitored, and treated, as well as ensuring the Bank meets regulatory compliance.
What You’ll Do
- Technology and Regulatory and Compliance Management:
- Monitors, analyzes, and reports on cybersecurity and technology requirements against relevant U.S. regulations and cybersecurity standards, such as NYSDFS, FFIEC, and NIST CSF.
- Continuously monitors and assesses the effectiveness of technology and security controls and processes, identify gaps in the current control environment.
- Manages and updates control library.
- Cybersecurity and Technology Risk Governance:
- Understands how the Bank’s risk appetite and risk culture should be considered in day-to-day activities and decisions.
- Supports technology and security control/risk reporting in various forms such as deep dive presentations, assessment reports, gap analysis, etc.
- Identifies and assesses cybersecurity and technology risks to ensure compliance with regulations and internal policies.
- Performs risk assessments and provide updates to executive leadership and collaborate with various departments to manage risks effectively.
- Risk and Issues Management:
- Reports and tracks all technology issues that pertains to audits, regulatory requirements, control testing, and other issues.
- Provides guidance to internal stakeholders on technology best practices.
- Provides insights and recommendations for continuous improvement.
- Monitors and tracks the progress of risk mitigation efforts related to cybersecurity and technology.
- Actively pursues effective and efficient operations of his/her respective areas in accordance with Scotiabank’s Values, its Code of Conduct, and the Global Sales Principles, while ensuring the adequacy, adherence to and effectiveness of day-to-day business controls to meet obligations with respect to operational, compliance, AML/ATF/sanctions and conduct risk.
- Champions a high-performance environment and contributes to an inclusive work environment.
What You’ll Bring
- Required 8+ years of experience in Information Security or related cybersecurity field.
- Experience in IT key security controls/mechanisms and risk assessment concepts pertaining to complex data, application, and networking environments.
- Prior experience and knowledge managing cybersecurity program.
- Prior experience and knowledge with NYSDFS, FFIEC, or other US financial regulatory audits.
- Have strong verbal and written communication skills in English with excellent individual project management and tracking skills.
- Cybersecurity related certification is preferred (CISSP, CCSP, CRISC, CISM).
- University degree or college diploma in a cybersecurity related field is preferred.
Interested?
If your experience is closely related but doesn’t align perfectly with every qualification, we do encourage you to apply - you might be the right candidate for this or other roles at Scotiabank!
At Scotiabank, every employee is empowered to reach their fullest potential, respected for who they are and, embraced for their differences. That’s why we work to grow and diversify talent and engage employees in a performance-oriented culture.
What's in it for you?
Scotiabank wants you to be able to bring your best self to work – and life, every day. With a focus on holistic well-being, our many flexible benefit programs are designed to help support your unique family, financial, physical, mental, and social health needs.
Location(s): United States : New York : New York City || United States : Texas : Houston
Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.
At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.
