×
Register Here to Apply for Jobs or Post Jobs. X

Senior Manager, IT Risk

Job in Toronto, Ontario, C6A, Canada
Listing for: Scotiabank
Full Time position
Listed on 2026-07-16
Job specializations:
  • IT/Tech
    Cybersecurity, IT Business Analyst, IT Consultant, Information Security
Salary/Wage Range or Industry Benchmark: 90000 - 130000 CAD Yearly CAD 90000.00 130000.00 YEAR
Job Description & How to Apply Below

Overview

Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture. Contributes to the overall success of Cyber & IT Risk Management, Global Risk Management (GRM) globally ensuring specific individual goals, plans, initiatives are executed and delivered in support of the team’s business strategies and objectives. Ensures all activities are conducted in compliance with governing regulations, internal policies and procedures.

Leads expert technical risk assurance and control oversight to ensure the bank achieves its objectives while effectively managing risk. Collaborate with cross-functional teams across the first line of defense to identify, assess, and mitigate emerging risks and vulnerabilities. This role is crucial in fostering a robust risk culture and driving continuous improvement, contributing to the development and implementation of comprehensive risk management policies, standards, and controls.

As part of the second line of defense, the Cybersecurity and IT Risk team provides independent oversight and challenge, and assists in developing methodologies, policies, processes, and tools to support the Cyber and IT Risk Management Framework.

Responsibilities
  • Lead 2nd Line Challenge:
    Conduct comprehensive challenge to identify potential threats and vulnerabilities in the Bank’s processes, systems, and operations. Partner with 1st line of defense to develop risk mitigation strategies across key cyber and IT domains. Challenge IT and cybersecurity risks within scenario analysis and thematic reviews. Conduct cyber risk assessments, metrics, and controls within globally complex, dispersed, and diverse organizations.
  • RCSA Program Management. Define the annual plan, in collaboration with GOR, the business and IT Risk. Assign resources as needed on selected RCSAs. Review and challenge the scope for IT, participants, and IT Profile for RCSAs.
  • Risk Assessment and Identification. Objectively review & challenge the inherent risk, control effectiveness, and residual risk assessments & rationales, as well as related issues/APs, for technology specific risk/controls. Provide feedback and follow up on the technology specific risk/control responses.
  • Issue Management. Ensure all IT risks/controls have been properly documented and reflected in deliverables and applicable tracking systems, including suitable action plans.
  • Reporting and Monitoring. Prepare reports on IT components of RCSAs, including findings, track IT risk trends, and monitor the effectiveness of controls.
  • Training and Communication. Develop and deliver training programs to educate and support peers and stakeholders on IT processes of the RCSAs and best practices.
  • Stakeholder Management. Act as a liaison between business units, control owners, IT Risk and other stakeholders.
  • Champions a customer focused culture to deepen client relationships and leverage broader Bank relationships, systems and knowledge.
  • Understand how the Bank’s risk appetite and risk culture should be considered in day-to-day activities and decisions.
  • Actively pursues effective and efficient operations of their respective areas in accordance with Scotiabank’s Values, its Code of Conduct and the Global Sales Principles, while ensuring the adequacy, adherence to and effectiveness of day-to-day business controls to meet obligations with respect to operational, compliance, AML/ATF/sanctions and conduct risk.
  • Champions a high performance environment and contributes to an inclusive work environment.
Qualifications
  • Strong expertise in IT Risk Management (e.g. Logical Access, Data Leakage, Disaster Recovery)
  • Master’s degree or higher in science, technology, engineering, business administration is an asset.
  • 5+ years of experience in Technology or Operational Risk Management, IT Audit, IT Compliance, regulatory-supervision, consulting or advisory roles.
  • 1+ years of experience in RCSAs as part of the 1

    LoD or 2

    LoD.
  • Advanced knowledge of relevant regulatory rules (OSFI, FFIEC, NYDFS 500) and frameworks (NIST, COBIT) is preferred
  • Experience using of GRC risk management tools.
  • Demonstrated expertise in regulatory compliance, risk management frameworks, and industry best practices (e.g., NIST, ISO, FFIEC, GDPR)
  • Proficiency in data security, risk management & controls, security governance, and analytical thinking, with a track record of implementing effective risk mitigation strategies
  • Advanced knowledge of data analytics and data literacy
  • Spanish proficiency is required.
Benefits
  • The opportunity to join a forward-thinking and collaborative team, surrounded by innovative thinkers.
  • A rewarding career path with diverse opportunities for professional development
  • Internal training to support your growth and enhance your skills.
  • An inclusive working environment that encourages creativity, curiosity, and celebrates success!

Location(s):
Canada :
Ontario :
Toronto

#J-18808-Ljbffr
Position Requirements
10+ Years work experience
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary