Senior Analyst IT Regulatory Management

Scotiabank•Toronto, ON

1d•Onsite

About The Position

The IT Risk Technology Regulatory Compliance Team plays an important role in the Bank’s technology and security compliance risk management by implementing the IT&S Regulatory Compliance Management (RCM) Framework in accordance with the regulatory requirements of OSFI’s Guideline E13 and in conjunction with the Bank’s overall Regulatory Compliance Program. The Technology Regulatory Compliance Team works closely with Global Compliance, IT Risk Advisory teams and front line technology and security teams in IT&S to providing First Line of Defense for all technology compliance risk domains including IT Governance, IT Risk, Cyber Security, Information Security, Infrastructure, Network and IT Operations, and Software Development and Change Management to ensure overall technology regulatory compliance. As a Senior Business Analyst, you will be proactively supporting the Director, Technology Regulatory Compliance and/or Senior Manager Regulatory Compliance to enable the RCM activities across all RCM Pillars, supporting with interaction model, as well as implementation roadmap & detailed plans to prioritize and execute multiple workstreams to achieve full technology regulatory compliance.

Requirements

BA or Post Graduate degree with a minimum of 2+ years of relevant combined experience in Compliance, Legal or other Control Functions (Audit, Risk, etc.)
Strong knowledge of regulatory and industry frameworks, guidelines and standards governing the management of technology systems and information security (OSFI, COBIT, NIST, ITIL etc.)
Great relationship manager and collaborator with solid communication (verbal/written) skills in English.
Keen on keeping current with emerging trends, best practices, directions and issues in information technology and security and global regulatory developments.
Demonstrate can-do spirit and resilience with a good sense of urgency to deliver.

Nice To Haves

Experience in interpreting Information technology and security regulatory rules is an asset.
The same in Spanish is a strong asset.
Relevant certifications or active pursuit for Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP) are desirable.

Responsibilities

Identify regulatory obligations and controls according to the technology compliance risk domain(s) assigned to you. This will require working with technology and security Risk Owners across Technology and Digital Banking.
Collaborate and work closely with Business Lines (BLs)/Corporate Function (CFs) partners and technology teams to document controls and map to the technology obligations embedded in business specific regulations for enterprise-level controls.
Proactively maintain the regulatory library on an ongoing basis by updating the obligations as well as related control documentation and accurately mapping of the correct controls to the obligations.
Regularly assess inherent risk, control strength and evaluate residual risk.
Create and maintain effective reporting and analytics on the compliance measures to monitor and drive compliance gap remediation.
Proactively identify opportunities to improve effectiveness and enhancements of risk identification and management policies and processes.
Partner with other risk groups and contribute to the ongoing update and enhancement of controls, frameworks, policies, risk indicators and metrics.

Benefits

Upskilling through online courses, cross-functional development opportunities, and tuition assistance.
Competitive Rewards program including bonus, flexible vacation, personal, sick days and benefits will start on day one.
Community Engagement - no matter where you choose to work from; we offer opportunities for community engagement & belonging with our various programs such as hackathons, contests, cooking with friends, Humans of Digital and much more!

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume