Director, Technology Risk and Control Self-Assessment
Scotiabank
Select how often (in days) to receive an alert:
Title: Director, Technology Risk and Control Self-Assessment
Requisition ID: 256440
Join a purpose driven winning team, committed to results, in an inclusive and high‑performing culture.
The Director, Technology Risk and Controls Self-Assessment (RCSA) Program leads the end-to-end execution, governance, and continuous enhancement of the Technology Risk & Control Self-Assessment (RCSA) program within the Bank’s Technology Internal Controls function.
The purpose of this role is to enable proactive technology and cyber risk management—anticipating risk, identifying areas of weakness, and surfacing where risk can be better managed so leadership can make informed, risk-based decisions. The role ensures Technology RCSAs move beyond point-in-time compliance to become a forward-looking management tool that highlights emerging risks, control gaps, and opportunities to strengthen resilience.
This role is accountable for ensuring the effective identification, assessment, monitoring, and reporting of technology and cyber risks across critical business services, applications, infrastructure, data, and third-party ecosystems. The Director ensures Technology RCSAs are grounded in recognized industry frameworks and are fully aligned with enterprise Operational Risk and Internal Audit and Regulatory expectations.
Is this role right for you? In this role, you will:
- Own, lead, and execute the end‑to‑end Technology RCSA lifecycle across all technology risk and control domains, including information security, infrastructure, applications, data, cloud, and third party risk.
- Provide credible challenge to inherent and residual technology risk assessments, ensuring risks are appropriately identified, evaluated, and mapped to relevant risk and control domains.
- Identify and assess emerging technology and cyber risks and ensure end‑to‑end traceability across risks, controls, issues, metrics, audit findings, and loss events.
- Establish and maintain an enterprise‑aligned Technology RCSA program and methodology consistent with Operational Risk standards, the NIST Cybersecurity Framework (CSF), and industry cyber risk profiling frameworks (e.g., Cyber Risk Institute Profile).
- Ensure Technology RCSA outputs proactively surface areas of elevated risk, control weaknesses, and risk concentrations to support timely, risk‑based management decisions.
- Translate Technology RCSA results into clear, executive and board level risk narratives, including risk heat maps, trend analysis, and forward‑looking insights.
- Enable senior leaders to understand technology risk trade‑offs and prioritize remediation and investment decisions based on actionable risk intelligence.
- Serve as the primary Technology RCSA point of contact for Second Line of Defense, Internal Audit and regulators, ensuring assessments withstand audit and supervisory scrutiny.
- Lead and drive a customer‑focused culture throughout their team to deepen client relationships and leverage broader Bank relationships, systems and knowledge.
- Direct day‑to‑day activities in a manner consistent with the Bank’s risk culture and the relevant risk appetite statement and limits. Communicate the Bank’s risk culture and risk appetite statement throughout their teams.
- Create an environment in which the team pursues effective and efficient operations of respective areas, while ensuring the adequacy, adherence to, and effectiveness of day‑to‑day business controls to meet obligations with respect to operational risk, regulatory compliance risk, AML/ATF risk and conduct risk, including but not limited to responsibilities under the Operational Risk Management Framework, Regulatory Compliance Risk Management Framework, AML/ATF Global Handbook and the Guidelines for Business Conduct.
- Build a high-performance environment and implement a people strategy that attracts, retains, develops and motivates their team by fostering an inclusive work environment; communicating vision/values/business strategy and managing succession and development planning for the team.
Do you have the skills that will enable you to succeed in this role? We'd love to work with you if you have:
- Related university degree required or equivalent experience.
- Over 15 years of Cyber and IT experience (operations, development, and management) with insight into IT risk management, audit and governance.
- Strong leadership, communication and strategic influencing capability supported by well‑developed analytical and strategic thinking competencies.
- Expert knowledge and understanding of complex, leading‑edge technology.
- Expert knowledge of multiple global businesses including related systems and procedures.
- Expert ability to balance competing or conflicting goals of various departments and stakeholders which requires a match, diplomatic approach and highly developed negotiation & influencing skills.
- Forward thinking with ability to anticipate future events, trends, problems and opportunities and perceive patterns as they emerge.
What's in it for you?
- Diversity, Equity, Inclusion & Allyship – we strive to create an inclusive culture where every employee is empowered to reach their fullest potential, respected for who they are, and is embraced through bias‑free practices and inclusive values across Scotiabank.
- Accessibility and Workplace Accommodations – we value the unique skills and experiences each individual brings to the Bank and are committed to creating and maintaining an inclusive and accessible environment for everyone.
- Upskilling through online courses, cross‑functional development opportunities, and tuition assistance.
- Competitive Rewards program including bonus, flexible vacation, personal, sick days and benefits will start on day one.
- Community Engagement – no matter where you choose to work from; we offer opportunities for community engagement & belonging with our various programs such as hackathons, contests, Humans of Digital and much more!
Location(s): Canada : Ontario : Toronto
Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.
At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.
#J-18808-Ljbffr- Select how often (in days) to receive an alert: Title: Manager, Technology Risk and Control Self-Assessment Requisition ID: 256434 Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture. Contributes to the overall success...SuggestedFlexible hours
- Lead technology and cyber risk management as the Director of IT Risk and Controls Assessment. Oversee the RCSA program to anticipate and manage risks across technology functions effectively. Your responsibilities will include establishing and enhancing the end-to-end Technology...Suggested
- Shape the future of infrastructure finance as the Director of Investment Risk at the Canada Infrastructure Bank. Lead critical assessments in project finance with a strategic vision. In this role, reporting to the VP, Investment Risk, you will focus on risk evaluation for...Suggested
- Lead the risk and audit strategies for Corporate Real Estate at Manulife globally. This hybrid role in Toronto focuses on compliance, risk assessment, and operational excellence. As the Director of Risk and Controls, you will spearhead the complete risk, controls, and audit...Suggested
- A leading bank in the Americas seeks a Director for Technology Risk and Control Self-Assessment to lead risk management initiatives and enhance compliance frameworks. This senior role demands over 15 years in Cyber and IT, focusing on proactive risk identification and strategic...Suggested
- Associate Vice President, Technology Risk & Controls Company: CGL Department: IT - Ent Inf & Ops Serv Employment Type: Regular Full-Time Work... ...vision for risk reporting across the business and ensure risk assessment results inform business unit monitoring and testing plans,...Long term contractFull timeWork at officeLocal areaFlexible hours
- Drive risk management and technology strategy as the Director at CPP Investments, focusing on the SimCorp platform. This position requires leadership in delivering accountability in investment performance. As the Director overseeing SimCorp technology, you will be responsible...
- Lead machinery risk assessments as a Senior Consultant in a remote setting. Apply your engineering background to address breakdown risks and enhance... ...• Excellent communication skills for diverse stakeholders • Self-motivated and effective at managing priorities • Valid driver’s...Remote work
- ...for a Senior Security Specialist Threat Risk Assessment for a 6 month contract in Toronto. This... ...design, and implementation of security technologies. Proven techniques to discover gaps or... ...digital signatures, encryption, access controls, firewalls, authentication, virus protection...Contract work
- ...is the opportunity? As part of the Group Risk Management (GRM) Enterprise Resilience Risk team, the Director, Cyber & Technology Risk will be responsible for providing Cyber... ...technologies, AI, and generative AI to strengthen the control environment. Oversight of cloud, technology...Local areaFlexible hours
- ...Security Specialist specializing in Cyber Risk Assessment at Ontario Public Service in Toronto.... ...Cyber Security methodologies. You will assess vulnerabilities and implement necessary... ...of security issues • Conduct information technology security projects as assigned Requirements...Contract work
$144k - $184k per year
...Opportunity Reporting directly to the CFO, the Director of Internal Controls is responsible for re‑establishing,... ...processes, to ensure that key risks are mitigated and compliance with... ...and modernize existing enterprise risk assessments, control inventories, process maps and...Local area$79k - $131k per year
## Manager, Cyber & Technology RiskApplylocations: Toronto, ONtime... ...the AVP, Cyber & Technology Risk, and working closely with key... ...through targeted independent assessments of current cyber security practices... ...existing and future cyber technologies within the CTC environment to...$72k - $108k per year
...seeking a Senior Consultant to join its Technology Risk team. The role involves managing... ...deploying information systems, resources, and controls to maximize efficiencies and minimize... ...of experience in IT audits and/or risk assessments and/or technology evaluations. Bachelor...Flexible hours- Job Description Senior Manager, Technology Risk, Analytics & Intelligence What is the opportunity? We are seeking... ...findings by reviewing and validating content, assessing impact and likelihood, evaluating compensating controls, and ensuring appropriate remediation or...Full timeFlexible hours
- Opportunity The Director, Operational Risk Management is a senior leader accountable for leading, and... ...how operational risks are identified, assessed, and managed across the organization... ...with senior leaders across Investments, Technology, Member Services, Finance, Legal,...Work at officeRemote workFlexible hours
$78.2k - $105.8k per year
Senior Consultant, IT Risk, Performance and Technology Overview Richter is a Business | Family Office... ...proficiency in audit concepts such as risks, controls, client relationship management, and... ...mandates Cybersecurity assessments Tabletop exercises About you...Work at officeFlexible hours- A major Canadian bank in Toronto is looking for a Senior Manager in Technology Controls Engineering to lead the automation and effectiveness of IT risk management activities. This role involves collaborating with various stakeholders, managing internal control reviews, and...
$138k - $221k per year
...secure, simple, smart and accessible. Our technology and innovation, partnerships and... ...greatest potential. Title and Summary Director, Credit Risk Policy Overview This role provides senior... ...information, rating systems and control frameworks. Use of AI in credit risk management...Worldwide- Elevate BMO's risk reporting strategy as the Director of Impaired Loan Initiatives. Your focus will be to ensure... ...risk reporting success • Analyze and assess regulatory impacts on reporting •... ...• Expert knowledge of risk systems technology • In-depth understanding of regulatory...
- Lead the charge in cyber risk management at RGA as the Director of IT Risk in a hybrid working model. Your strategic... ...will drive results across global technology teams. RGA is on the hunt for an... ...: • Lead comprehensive IT risk assessments in various domains • Enforce global...
- Role Summary The Managing Director, Enterprise Risk plays a senior leadership role within the Enterprise... ...of CPP Investments. The focus is on technology, cyber, data, and operational risks,... ..., and well‑calibrated risk and control design while maintaining second‑line independence...
$111.8k - $208k per year
...practices. Interprets new regulations and assesses impacts to the governance framework.... ...goals. Measures the effectiveness of the risk governance system and framework; recommends... ...maintains the market risk monitoring and control program activities in adherence to all policies...Shift work- A health and safety consulting organization in Ontario is seeking a Health & Safety Consultant for a full-time, temporary role lasting until March 31, 2026. The consultant will work remotely and engage with clients to provide specialized health and safety solutions, conduct ...Full timeTemporary workRemote work
$203.2k per year
...Analytics Do you want to build the risk and analytics engine behind... ...you! We're looking for a Director, FinTech & Risk Analytics to... ...service is delivered through technology. With Jobber they can quote, schedule... ...ROA/ROE methodologies to assess profitability, optimize yield,...Long term contractFull timeInternshipWork at officeLocal areaRemote work- ...inclusive and high‑performing culture. The Director, as the technology owner, will be responsible for the... ...strategy, which mitigates operational risk and delivers value, in collaboration... ...effectiveness of day‑to‑day business controls to meet obligations with respect to...Work at officeFlexible hours
$85k - $156k per year
...typical day look like? The Technical Cyber Risk Assessment Manager will be responsible for the... ..., and platforms. Validate actual control effectiveness by reviewing live configurations... ..., cloud, identity, and endpoint technologies. Work with Cybersecurity Architects...Permanent employmentFlexible hours$103.2k - $192k per year
...Yonge Street Groupe de famille d’emploi : Analyses des données et communication de l’information Utiliser des algorithmes et des technologies analytiques avancés (p. ex., apprentissage machine, apprentissage profond, intelligence artificielle) pour explorer et analyser de...Part timeApprenticeship- Steer risk enablement and optimize business processes at Give & Go Prepared Foods Corp. as the Director of Business Process and Risk Enablement. Drive collaboration to manage risks effectively... ...• Ensure compliance with internal controls and audit processes • Present risk...
- Take on a pivotal role as the Director of Global Security Risk at RBC, focusing on technology risk management and governance in AI and data protection. This senior... ...Security Risk Director, you will lead risk assessments and align operational strategies with regulatory...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Director, Technology Risk and Control Self-Assessment. Be the first to apply!
- manager information technology Toronto, ON
- technology manager Toronto, ON
- director information technology Toronto, ON
- group risk manager Toronto, ON
- operational risk manager Toronto, ON
- senior manager risk management Toronto, ON
- credit risk Toronto, ON
- risk and insurance manager Toronto, ON
- access control specialist Toronto, ON
- project control Toronto, ON
