Jobs · Engineering · Texas

Senior Manager, Technology Risk & Control Self-Assessment

Scotiabank · Dallas, TX · 6 days ago
EngineeringFull-time

About the role

Join a purpose-driven winning team, committed to results, in an inclusive and high-performing culture. Global Banking and Markets (GBM) is a leading Canadian Capital Markets and Investment Banking business with a growing platform in the US and Latin America, operating globally for over 100 years. Scotiabank’s strong U.S. presence provides our clients an important bridge to this key global market for trade and investment flows across the Americas and the world. GBM provides a full range of investment banking, credit and risk management products and services relevant to the financing and strategic development needs of our clients.

Responsibilities

  • Lead end-to-end execution of Technology RCSA activities across critical systems, platforms, and critical business services.
  • Own facilitation of risk identification, inherent risk assessment, control mapping, and residual risk determination for technology processes and services.
  • Perform deep-dive assessments to evaluate control design and operating effectiveness across key technology domains (e.g., access management, change management, resiliency, third party risk).
  • Identify control gaps, emerging risks, and systemic issues, and drive clear remediation actions to reduce operational and cyber risk exposure.
  • Partner closely with First Line Technology teams to gather risk and control data, validate assessment outcomes, and reinforce ownership of risks and controls.
  • Provide oversight, coaching, and quality assurance to junior team members during RCSA execution.
  • Contribute to the continuous improvement of RCSA methodologies, tools, and procedures to enhance consistency, efficiency, and risk insight.
  • Participate in technology risk governance forums and working groups, supporting effective escalation and decision making.
  • Coordinate with Second and Third Line teams to support review, challenge, and alignment of RCSA outcomes.
  • Track issues, action plans, and remediation activities resulting from RCSAs, incidents, and regulatory findings, and support sustainable closure.
  • Deliver clear reporting on RCSA progress, key findings, and emerging risk themes, including concise summaries for senior management and governance committees.

Requirements

  • Hands-on experience executing risk assessments or similar governance processes.
  • A minimum of 8+ years of experience in technology departments and/or risk management, preferably in a financial institution.
  • Industry certifications desirable (e.g. CISSP).
  • Advanced knowledge of relevant regulatory rules (OSFI, FFIEC, NYDFS 500) and frameworks (NIST, COBIT).
  • 8+ years of experience or equivalent expertise in technology risk management, information security, or a related field, with a focus on risk assessment and control evaluation.
  • Demonstrated expertise in regulatory compliance, risk management frameworks, and industry best practices (e.g., NIST, ISO, FFIEC, GDPR).
  • Proficiency in data security, risk management & controls, security governance, and analytical thinking, with a track record of implementing effective risk mitigation strategies.
  • Bachelor’s degree in Information Systems, Computer Science, Risk Management, or related field.
  • Advanced knowledge of data analytics and data literacy.

Qualifications

  • Hands-on experience executing risk assessments or similar governance processes.
  • A minimum of 8+ years of experience in technology departments and/or risk management, preferably in a financial institution.
  • Industry certifications desirable (e.g. CISSP).
  • Advanced knowledge of relevant regulatory rules (OSFI, FFIEC, NYDFS 500) and frameworks (NIST, COBIT).
  • 8+ years of experience or equivalent expertise in technology risk management, information security, or a related field, with a focus on risk assessment and control evaluation.
  • Demonstrated expertise in regulatory compliance, risk management frameworks, and industry best practices (e.g., NIST, ISO, FFIEC, GDPR).
  • Proficiency in data security, risk management & controls, security governance, and analytical thinking, with a track record of implementing effective risk mitigation strategies.
  • Bachelor’s degree in Information Systems, Computer Science, Risk Management, or related field.
  • Advanced knowledge of data analytics and data literacy.

Skills

  • Hands-on experience executing risk assessments or similar governance processes.
  • A minimum of 8+ years of experience in technology departments and/or risk management, preferably in a financial institution.
  • Industry certifications desirable (e.g. CISSP).
  • Advanced knowledge of relevant regulatory rules (OSFI, FFIEC, NYDFS 500) and frameworks (NIST, COBIT).
  • 8+ years of experience or equivalent expertise in technology risk management, information security, or a related field, with a focus on risk assessment and control evaluation.
  • Demonstrated expertise in regulatory compliance, risk management frameworks, and industry best practices (e.g., NIST, ISO, FFIEC, GDPR).
  • Proficiency in data security, risk management & controls, security governance, and analytical thinking, with a track record of implementing effective risk mitigation strategies.
  • Bachelor’s degree in Information Systems, Computer Science, Risk Management, or related field.
  • Advanced knowledge of data analytics and data literacy.

Benefits

At Scotiabank, we offer a comprehensive benefits package designed to support your unique family, financial, physical, mental, and social health needs. This includes a focus on holistic well-being and a variety of flexible benefit programs.

Pay

Salary offered may vary based on factors, including, but not limited to, the successful candidate’s relevant knowledge, skills, and experience.

Schedule

Flexible work arrangements may be available based on business needs and individual circumstances.

Similar jobs