Thanks for your interest in ScotiaTech, Scotiabank's new and innovative Technology hub in Bogota.Join a purpose driven winning team that promotes creativity and innovation in a fast-paced environment, where we’re always committed to results, in an inclusive, diverse, and high-performing culture.PurposeThe Technology Control Testing team plays an important role in the Bank’s Three Lines of Defense Framework, providing First Line of Defense for all lines of business on all technology risk domains, including Cyber Security, Data Privacy, Software Lifecycle Management, Capacity, Incident Management, Disaster and Backup Recovery, Third Party Management, Project Management, and Audit & Regulatory issue remediations.The Senior Manager, Technology Control Testing directly supports the Head of Technology Control Testing to collaboratively assess high risk processes across business lines and manage the execution of the control test exercise(s). This role is part of a strategic and comprehensive IT Risk Management Function within the Technology First Line of Defense, ensuring design and implementation in accordance with regulatory expectations, risk appetite, organizational risk practices, and evolving business practices.The role includes significant coordination and engagement with peers across all business lines and technology functions. This includes 1st, 2nd, and 3rd lines of defense for Technology in the execution of risk management activities, inclusive of regular updates, formal reporting, and managing remediation commitments identified (e.g., audit findings).AccountabilitiesChampions a customer focused culture to deepen client relationships and leverage broader Bank relationships, systems, and knowledge.Ensures specific goals, plans, initiatives are executed/delivered in support of the team’s business strategies and objectives and all activities conducted are in compliance with governing regulations, internal policies, and procedures.Identifies and tests design and operating effectiveness attributes for IT General controls and automated controls.Leads and/or manages IT General controls and automated control walkthroughs and assesses controls for effectiveness.Advises and supports risk owners in day-to-day risk management activities and execution. Assists risk owners in adhering to policies, frameworks, standards, and guidelines through active engagement, guidance, and counseling.Acts as a primary interface and conduit between the risk owners and other risk groups to lead the facilitation and execution of risk management activities.Compiles and (where applicable) presents risk update reports to Senior Management.Identifies, assesses, prioritizes, and reports on material IT risks for IT and aligned business areas.Develops or enhances monitoring tools to evaluate the design and operating effectiveness of the key controls in the Business.Leads internal control reviews of high-risk processes including procedure testing, establishing test plans and test scripts, providing recommendations, providing feedback, and reporting to the Head of Technology COE.Identifies, articulates, and challenges management on the strength of their control program.Works with Compliance officers to identify regulatory risks and integrate regulatory controls and monitoring into the overall technology control testing plan.Documents and monitors progress of remedial actions for issues identified through Technology Control testing and by others, including Internal Audit, Compliance, regulators, and management self-identified issues.Ensures implementation of a strong IT risk culture in partnership with the risk owners and other control functions.Reviews and contributes to technology policies and standards under development or review, as applicable.Monitors effectiveness of portfolio impacting governance processes such as change management, project management, and architecture reviews, for enforcing control requirements.Engages in business integration projects to ensure all appropriate technology controls and processes are implemented.Collaborates with IT Risk Senior Managers for other business units to improve risk management practices across the enterprise.Builds a high-performance environment and implements a people strategy that attracts, retains, develops, and motivates their team by fostering an inclusive work environment.Provides ongoing coaching and guidance to less experienced Technology COE staff to ensure there is a consistent understanding of the overall risk program, KRIs, monitoring plan, and governance structure.Understands how the Bank’s risk appetite and risk culture should be incorporated into day-to-day activities and decisions.Actively pursues effective and efficient operations of his/her respective areas in accordance with Scotiabank’s Values, its Code of Conduct, and the Global Sales Principles.Champions a high-performance environment and contributes to an inclusive work environment.DimensionsScope of role covers:Related high-risk Regulatory Compliance and Cybersecurity Control Testing needs of enterprise-wide (all business line) systems and applications.Access and training on multiple systems.Extensive familiarity with Scotiabank policies and procedures, Technology & Risk Management standards.Measurement of success in the role includes:Key Performance Indicators (KPIs) around delivering on goals, testing activities, program enhancements.Effective communication, facilitation, and presentation skills for developing communication strategies for Executive approval.Ability to balance competing or conflicting goals of various departments and stakeholders.Ability to challenge leadership team especially when there is a need to balance control and compliance priorities with competing objectives.Ability to work with minimal supervision and deliver to tight deadlines.Education / ExperienceRequires an undergraduate degree combined with an Information Security professional designation such as CISM, CISA, CCSP, CISSP, or CRISC.Experience with ISO27001, COBIT, CIS, and NIST frameworks. Exposure to SOX requirements.Experience in a wide area of risk controls such as vendor risk, application risk, infrastructure risk.Experience in IT Control Testing, Auditory, Risk Management, or GRC (Governance, Risk and Compliance).Knowledge of security principles, cloud security, and IT processes.B1+ level of English.Working ConditionsWork in a standard office-based environment; non-standard hours are a common occurrence.#LI-HybridLocation(s): Colombia : Bogota : BogotaScotiaTech is a business unit within ScotiaGBS, a Scotiabank Group company located in Bogota, Colombia. The ScotiaTech hub was created to support different technology systems and processes of the Bank. We offer an inclusive, positive work environment, and competitive benefits.At ScotiaTech, we value the unique skills and experiences each individual brings and are committed to creating and maintaining an inclusive and accessible environment for everyone. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at ScotiaTech; however, only those candidates who are selected for an interview will be contacted. #J-18808-Ljbffr