Current jobs related to Senior Manager, Cyber Security and IT Risk Management - Toronto, Ontario - Scotiabank

  • Cyber Security Risk Director

    2 days ago

    Toronto, Ontario, Canada Fidelity Canada Full time $120,000 - $180,000 per year

    Job DescriptionYou will be working on a flexible hybrid schedule as part of Fidelity's dynamic working arrangement.Who We AreAt Fidelity, we've been helping Canadian investors build better financial futures for over 35 years.  We offer individuals and institutions a range of trusted investment portfolios and services - and we're constantly seeking to find...

  • Manager, Cyber Security

    1 week ago

    Toronto, Ontario, Canada Innocap Full time $150,000 - $200,000 per year

    About InnocapInnocap is the world's leading firm of managed account platform services. With over US$89 billion in assets under management, over 500 employees and offices in five countries, we are shaping the future of alternative investments for institutional owners and allocators. Our mission is to revolutionize the asset management industry and to provide...

  • Manager, Cyber Security

    1 week ago

    Toronto, Ontario, Canada Innocap Plastik Ambalaj Full time $150,000 - $200,000 per year

    Innocapabout 20 hours agoToronto, OntarioSenior Levelfull_timeAbout the roleAbout Innocap Innocap is the world's leading firm of managed account platform services. With over US$89 billion in assets under management, over 500 employees and offices in five countries, we are shaping the future of alternative investments for institutional owners and allocators....

  • Cyber Security Risk Analyst

    1 week ago

    Toronto, Ontario, Canada S&P Global Full time $120,000 - $180,000 per year

    About the Role:Grade Level (for internal use): 10S&P Dow Jones IndicesThe Role: Cyber Security EngineerThe Team:Are you passionate about cyber security? Do you enjoy solving complex problems and collaborating with diverse teams? The Cyber Security Risk Analyst will support and help coordinate activities across the department to drive process improvement. The...

  • Cyber Security Risk Analyst

    1 week ago

    Toronto, Ontario, Canada S&P Global Full time $90,000 - $120,000 per year

    About the Role:Grade Level (for internal use):10S&P Dow Jones Indices The Role: Cyber Security EngineerThe Team: Are you passionate about cyber security? Do you enjoy solving complex problems and collaborating with diverse teams? The Cyber Security Risk Analyst will support and help coordinate activities across the department to drive process improvement....

  • Senior Consultant Cyber Security

    1 day ago

    Toronto, Ontario, Canada KPMG Full time

    Overview:At KPMG, you'll join a team of diverse and dedicated problem solvers, connected by a common cause: turning insight into opportunity for clients and communities around the world.Are you a talented individual with a proven track record on executing project deliverables.Our Cyber Security team in Toronto is looking for a professional like you with the...

  • Cyber Security Analyst

    1 week ago

    Toronto, Ontario, Canada RANA SOFT CONSULTING Full time US$80,000 - US$100,000 per year

    Company DescriptionWe suggest you enter details here.Role DescriptionThis is a full-time, on-site role based in Toronto, ON, for a Cyber Security Analyst. The primary responsibilities include monitoring and responding to security incidents, analyzing threats and vulnerabilities, performing malware analysis, implementing application security measures, and...

  • Senior Manager, IT Risk Assessment

    7 days ago

    Toronto, Ontario, Canada RBC Full time $120,000 - $180,000 per year

    Job DescriptionWhat is the opportunity?Global IT Risk (GITR) enables the protection of RBC's brand, systems, and operations by equipping business and technology partners with meaningful insights, guidance, advice, and information on Technology & Cyber Risks. Our vision is to build and deliver the best IT and risk practices, capabilities and solutions to...

  • Senior Manager, Payments Security

    1 day ago

    Toronto, Ontario, Canada RBC Full time $120,000 - $180,000 per year

    Job DescriptionWhat is the opportunity?As a Senior Manager on the Payments Security team, you will take on a critical role in safeguarding RBC's payments infrastructure and ensuring its compliance with regulatory and security standards. Your responsibilities will encompass overseeing the execution of security assessments, governance processes, and...

  • Lead Cyber Security Engineer

    1 week ago

    Toronto, Ontario, Canada EQ Bank Full time $120,000 - $180,000 per year

    Purpose of the Job: The Lead Cyber Security Engineer – Cyber Defense is responsible for designing, fixing and maintaining tools and processes to ensure fast and flawless cyber security threat detection, investigation and response along with keeping systems related to cyber operations up-to-date and effective. Their primary responsibilities will be...

Senior Manager, Cyber Security and IT Risk Management

2 weeks ago

Toronto, Ontario, Canada Scotiabank Full time $120,000 - $180,000 per year

Requisition ID: 230577

Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.

Contributes to the overall success of Cyber & IT Risk Management, Global Risk Management (GRM) globally ensuring specific individual goals, plans, initiatives are executed/delivered in support of the team's business strategies and objectives. Ensures all activities are conducted in compliance with governing regulations, internal policies and procedures.

Leads expert technical risk assurance and control oversight to ensure the bank achieves its objectives while effectively managing risk. Collaborate with cross-functional teams across the first line of defense to identify, assess, and mitigate emerging risks and vulnerabilities. This role is crucial in fostering a robust risk culture and driving continuous improvement, contributing to the development and implementation of comprehensive risk management policies, standards, and controls.

As part of the second line of defense, the Cybersecurity and IT Risk team provides independent oversight and challenge, and assists in developing methodologies, policies, processes, and tools to support the Cyber and IT Risk Management Framework.

Is this role right for you? In this role, you will:
Including, But Not Exclusively

  • Lead 2nd Line Challenge: Conduct comprehensive challenge to identify potential threats and vulnerabilities in the Bank's processes, systems, and operations. Partner with 1st line of defense to develop risk mitigation strategies across key cyber and IT domains. Challenge IT and cybersecurity risks within scenario analysis and thematic reviews. Conduct cyber risk assessments, metrics, and controls within globally complex, dispersed, and diverse organizations.
  • RCSA Program Management. Define the annual plan, in collaboration with GOR, the business and IT Risk. Assign resources as needed on selected RCSAs. Review and challenge the scope for IT, participants, and IT Profile for RCSAs.
  • Risk Assessment and Identification. Objectively review & challenge the inherent risk, control effectiveness, and residual risk assessments & rationales, as well as related issues/APs, for technology specific risk/controls. Provide feedback and follow up on the technology specific risk/control responses.
  • Issue Management. Ensure all IT risks/controls have been properly documented and reflected in deliverables and applicable tracking systems, including suitable action plans.
  • Reporting and Monitoring. Prepare reports on IT components of RCSAs, including findings, track IT risk trends, and monitor the effectiveness of controls.
  • Training and Communication. Develop and deliver training programs to educate and support peers and stakeholders on IT processes of the RCSAs and best practices.
  • Stakeholder Management. Act as a liaison between business units, control owners, IT Risk and other stakeholders.
  • Champions a customer focused culture to deepen client relationships and leverage broader Bank relationships, systems and knowledge.
  • Understand how the Bank's risk appetite and risk culture should be considered in day-to-day activities and decisions.
  • Actively pursues effective and efficient operations of their respective areas in accordance with Scotiabank's Values, its Code of Conduct and the Global Sales Principles, while ensuring the adequacy, adherence to and effectiveness of day-to-day business controls to meet obligations with respect to operational, compliance, AML/ATF/sanctions and conduct risk.
  • Champions a high performance environment and contributes to an inclusive work environment.

Skills
Do you have the skills that will enable you to succeed in this role? We'd love to work with you if you have:

  • Strong expertise in IT Risk Management (e.g. Logical Access, Data Leakage, Disaster Recovery)
  • Master's degree or higher in science, technology, engineering, business administration is an asset.
  • 5+ years of experience in Technology or Operational Risk Management, IT Audit, IT Compliance, regulatory-supervision, consulting or advisory roles.
  • 1+ years of experience in RCSAs as part of the 1LoD or 2LoD.
  • Industry certifications desirable (e.g. CISSP, CRISC, CISM)
  • Advanced knowledge of relevant regulatory rules (OSFI, FFIEC, NYDFS 500) and frameworks (NIST, COBIT) is preferred
  • Experience using of GRC risk management tools.
  • Demonstrated expertise in regulatory compliance, risk management frameworks, and industry best practices (e.g., NIST, ISO, FFIEC, GDPR)
  • Proficiency in data security, risk management & controls, security governance, and analytical thinking, with a track record of implementing effective risk mitigation strategies
  • Advanced knowledge of data analytics and data literacy
  • Strong understanding of IT risk management frameworks in a global banking environment.
  • Strong understanding of risk and controls assessments and self-assessments.
  • Able to convey complex concepts and ideas on issues requiring interpretation and opinion.
  • Maintain in-depth knowledge of cyber and IT risks and controls across various information system architecture and engineering domains, such as data protection, application security, identity and access management, vulnerability management, change management, network security, endpoint security, logging and monitoring, and incident management. Stay actively engaged in the industry on the latest in cyber risk and emerging operational risks.
  • Demonstrate a sense of urgency in implementing programs and evaluating priorities; be decisive, action-oriented, and practical.
  • Analyze and think through highly complex issues, then appropriately execute and implement against a well-thought-through framework in a seamless manner. Be a global citizen comfortable in all geographies, regions, and cultures.
  • Demonstrate strong leadership, communication, and presentation skills, including the ability to adapt style to suit the different needs of any audience
  • Independent in judgment and with a high standard of conduct and ethics. Able to challenge and be challenged while maintaining the highest levels of professionalism.
  • Good negotiation skills and ability to resolve conflict between teams or individuals so that functional / organizational objectives are achieved.
  • Excellent analytical skills; critical thinking and problem solving skills.
  • Good interpersonal skills
  • Spanish proficiency is required.

What's in it for you?

  • We have an inclusive and collaborative work environment that values curiosity & ownership, encourages pragmatic creativity (i.e. true innovation), and celebrates success
  • An inclusive working environment that encourages creativity, curiosity, and celebrates success
  • A rewarding career path with diverse opportunities for professional development
  • Internal training to support your growth and enhance your skills
  • A competitive rewards package that includes a base salary, a performance bonus, company matching programs on pension and profit sharing, paid vacation, personal & sick days, medical, vision and dental benefits that start from day one and much more

Location(s): Canada : Ontario : Toronto

Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.

At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.