Senior Manager IT Regulatory Compliance (Legal background)

September 14 2021
Industries Bank, Insurance, Financial services
Categories Accounting, Finance, Executive, CTO, Forensic accounting, Fraud, Generalist, Information Technology, Legal, Paralegal
Toronto, ON

Requisition ID: 107387

Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.

Title: Senior Manager, IT Regulatory Compliance

The team

The IT Risk Technology Regulatory Compliance Team plays an important role in the Bank’s technology and security compliance risk management by implementing the IT&S Regulatory Compliance Management (RCM) Framework in accordance with the regulatory requirements of OSFI’s Guideline E13 and in conjunction with the Bank’s overall Regulatory Compliance Program. The Technology Regulatory Compliance Team works closely with Global Compliance, IT Risk Advisory teams and front line technology and security teams in IT&S to providing First Line of Defense for all technology compliance risk domains including IT Governance, IT Risk, Cyber Security, Information Security, Infrastructure, Network and IT Operations, and Software Development and Change Management to ensure overall technology regulatory compliance.

The role:

You proactively support the Director, Technology Regulatory Compliance to enable the RCM activities, develop a Target Operating Model, an interaction model as well as implementation roadmap & detailed plans to prioritize and execute multiple workstreams to achieve full technology regulatory compliance.

Is this role right for you?

Specifically, supporting the Director, Technology Regulatory Compliance,

  • Identify regulatory obligations and controls according to the technology compliance risk domain(s) assigned to you. This will require working with technology and security Risk Owners across Technology and Digital Banking Senior Vice Presidents (SVPs), Chief Information Officers (CIOs), and Chief Information Security Officer (CISO) & SVP Information Security & Control teams.
  • Collaborate and work closely with Business Lines (BLs)/Corporate Function (CFs) partners and technology teams to document controls and map to the technology obligations embedded in business specific regulations for enterprise-level controls.
  • Proactively maintain the regulatory library on an ongoing basis by updating the obligations as well as related control documentation and accurate mapping of the correct controls to the obligations

  • Regularly assess inherent risk, control strength and evaluate residual risk.
  • Work actively with the global team of risk professionals to develop a technology and security control testing methodology and develop/identify the right tools to assist the execution of testing activities
  • Create and maintain effective reporting and analytics on the compliance measures to monitor and drive compliance gap remediation
  • Proactively identify opportunities to improve effectiveness and enhancements of risk identification and management policies and processes.
  • Partner with other risk groups and contribute to the ongoing update and enhancement of controls, frameworks, policies, risk indicators and metrics.
  • As needed, collaborate and appropriately challenge the technology and security teams in the assessment of the effectiveness of controls to mitigate regulatory obligations as well as the remediation of control gaps.
  • As needed, coordinate with technology and security teams and the testing team to develop and execute testing activities.

Do you have the skills that will enable you to succeed in this role?

BA or Postgraduate degree or LL. B with a minimum of 5 years of relevant combined experience in Compliance, Legal or other Control Functions (Audit, Risk, etc.), with the following skills and attributes:

  • You have strong knowledge in regulatory and industry frameworks, guidelines and standards governing the management of technology systems and information security (OSFI, COBIT, NIST, ITIL etc.) A Law degree would be a strong asset.
  • Experience in interpreting Information technology and security regulatory rules is an asset.
  • Great relationship manager and collaborator with solid communication (verbal/written) skills in English. The same in Spanish is a strong asset.
  • Possess at least 5 years of demonstrated hands-on experience with risk management, governance, control or audit function.
  • Keen on keeping current with emerging trends, best practices, directions and issues in information technology and security and global regulatory developments.
  • A Bachelor’s Degree and work experience in IT Risk, IT governance, 3rd party risk management, Information security or IT operations environment, or in a governance function related to Software Development, Infrastructure Operations, Information Security will be a strong asset.
  • Demonstrate can-do spirit and resilience with a good sense of urgency to deliver.
  • Relevant certifications of or active pursuit for Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP) are desirable.

What's in it for you?

  • We provide an excellent opportunity to lead initiatives with risk and IT professionals across Scotiabank’s global footprint to Keep the Bank Safe and Amplify results.
  • We are technology partners who help the business transform how our employees around the world work.
  • We have an inclusive and collaborative working environment that encourages creativity, curiosity, and celebrates success!
  • You'll get to work with and learn from diverse industry leaders, who have hailed from top technology companies around the world.
  • We foster an environment of innovation and continuous learning.
  • We care about our people, allowing them to design how they work to deliver amazing results.

We offer a competitive total rewards package, including a performance bonus, company matching programs (pension & Employee Share Ownership), generous vacation; health/medical/wellness benefits; employee banking privileges.

Location(s): Canada : Ontario : Toronto

Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.

At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.

Apply now! network