Scotiabank & Trust - New York, NY
posted 27 days ago
Full-time - Senior
New York, NY
Credit Intermediation and Related Activities
About the position
The Senior Manager, IT Risk plays a crucial role in the Technology Risk Office by ensuring that individual goals and initiatives align with the team's business strategies. This position is responsible for conducting IT risk assessments, collaborating with auditors, and ensuring compliance with regulations and internal policies. The role also involves fostering a strong IT risk culture and developing tools to enhance risk management across the organization.
Responsibilities
- Champion a customer-focused culture to deepen client relationships.
- Conduct detailed Cyber and IT Risk assessments and ensure compliance with defined policies and standards.
- Work closely with internal and external IT auditors on audits and regulatory exams.
- Act as the enterprise Regulatory Compliance Management (eRCM) coordinator for IT Risk Owners.
- Collaborate with Enterprise Risk control testing and monitoring to ensure compliance with regulations.
- Identify pervasive IT risk issues and implement preventative controls across IT&S.
- Partner with other risk groups to assess and communicate new/updated risk controls and frameworks.
- Act as a Subject Matter Expert (SME) to IT stakeholders regarding IT best practices and regulatory obligations.
- Support the development of tools and technology for IT risk management.
- Perform Risk Control Self-Assessments (RCSA) for Cyber and IT environments.
Requirements
- Over 8 years of experience in Cyber and IT Risk management (governance, operations, audit, control functions, compliance, risk management).
- Experience with regulatory agencies such as the Federal Reserve Bank of New York and NYDFS is preferred.
- Expertise in IT Risk management including systems design, security, disaster recovery, and third-party risk management.
- Strong negotiation and influencing capabilities with well-developed analytical competencies.
- Good knowledge of global banking businesses and related systems and procedures.
- Demonstrated ability to balance competing goals of various departments and stakeholders.
- Excellent communication, facilitation, and presentation skills.
Nice-to-haves
- Certified Information Systems Auditor (CISA) certification.
- Certified Information Systems Security Professional (CISSP) certification.
Benefits
- Flexible benefit programs to support family, financial, physical, mental, and social health needs.
