Director, U.S. Deputy CISO

Banque Scotia (Bank of Nova Scotia)
New York City, NY
134d
$180,000 - $301,500

About The Position

The US Deputy Chief Information Security Officer (Deputy CISO) will support the MD & US CISO in building robust United States technology risk controls and processes (technology risk includes all non-financial risks such as Cyber Risk, Availability, Resiliency Risks and Operational Risk) and in ensuring they are maintained and adhered to in the assigned portfolio. Along with the MD & US CISO, the Deputy CISO will collaboratively assess, evaluate and remediate increasingly complex technology risk, design controls and assist in their implementation in the USA, a key growth market. The role acts in the line of defense as Internal Control (1B) to ensure implementation of initiatives in accordance with regulatory expectations, risk appetite, organizational risk practices and evolving business practices, and ensures all activities conducted are in compliance with governing regulations, internal policies and procedures.

Requirements

  • 10+ years of Technology and non-financial Risk management experience.
  • Expert leadership, communication (both verbal and written) and influencing capability.
  • Expert Technology risk management experience in multiple areas including internal controls, systems design, security, availability/stability/resiliency, disaster recovery, third party risk management.
  • Proven experience in risk or cyber security leadership, preferably with deep knowledge of US and GBM businesses.
  • Ability to balance competing or conflicting goals of various departments and stakeholders.
  • Strong presentation design and delivery skills.
  • Knowledge or understanding of Risk / Control frameworks (ITIL, ISO, COBIT, NIST, FFIEC).
  • Advanced degree in Computer Science, Engineering, Business Commerce or equivalent experience.

Nice To Haves

  • Exposure to cloud controls.
  • Additional relevant Certifications such as ITIL V3 Foundation Cert. in ITSM, COBIT, CRISC, CISSP.

Responsibilities

  • Champion a customer focused culture to deepen relationships with Sr. leadership, peers, and functional groups by leveraging IT and risk expertise.
  • Partner across senior executives (US CIO, Global CISO), Risk, Operations, Compliance and Legal teams to deliver improved US regulatory outcomes and strategies.
  • Support the US 1st Line Technology Risk, Cyber Security and Internal Controls teams.
  • Collaborate with the US CIO and Global CISO in leading frequent interaction with, and reporting to, US Federal Regulators.
  • Oversee the critical 1st Line of Defense (1B) function in the highly regulated US Technology realm, with ongoing guidance to support the implementation of, and compliance with, established IT Standards, Policies, Procedures, and regulatory, operational risk and cyber risk requirements.
  • Lead US 1st Line of Defense (1A) teams and Risk owners to build their capability to identify, assess, mitigate and monitor risks associated with their use of information and IT systems.
  • Act as primary interface and conduit between the 1A risk owners and other risk groups or advisors in various business areas.
  • Manage Technology Risk identification, assessment, prioritization for relevant business areas.
  • Lead US Technology risk control testing and monitoring and guide all US based Technology Risk Owners with remediation plans.
  • Partner with and face other risk groups to assess, implement and communicate new/updated risk controls, frameworks, policies, risk indicators, metrics and limits.
  • Oversee analyses of systems or asset data and deliver monthly / quarterly reporting for senior management.
  • Lead the team that develops reports and presentations to deliver updates on KPIs/KRIs to various audiences.
  • Evangelize for Technology Risk and promote a strong risk culture in partnership with the risk owners.
  • Coordinate SOX control testing and facilitate evidence collection.
  • Ensure sound and consistent information security architectures are leveraged and effectively communicated.
  • Direct, assure, and advance the security of the Scotiabank Group's networks.
  • Pursue security and control process improvements and the protection of emerging technologies.
  • Work closely with Global Security Operation Services, Global Advisory Services and Enterprise Security Services.
  • Create an environment for effective and efficient operations in accordance with Scotiabank's Values.
  • Scope includes compliance with information security regulations, user education and access, and cybersecurity.
  • Accountable for understanding, communicating and ensuring compliance with Scotiabank's Information Security Policies.
  • Lead the design and operation of related compliance monitoring and improvement activities.
  • Provide and maintain technical expertise on security aspects of systems, applications, and networks.
  • Review system development, maintenance and acquisition efforts for security provisions.
  • Champion a high-performance environment and implement a people strategy.

Benefits

  • Flexible benefit programs designed to support unique family, financial, physical, mental, and social health needs.

What This Job Offers

  • Job Type: Full-time
  • Career Level: Senior
  • Industry: Credit Intermediation and Related Activities
  • Education Level: Master's degree
  • Number of Employees: 5,001-10,000 employees

© 2024 Teal Labs, Inc