Scotiabank

Global Head, Technology Risk Officer

Scotiabank$150K — $200K *
Finance & Insurance
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • University degree in Computer Engineering, Computer Science, or related field; 10+ years in senior security roles.
  • Professional certifications in cybersecurity or risk management (e.g., CISSP, CISM).
  • Strong understanding of regulatory frameworks (NIST, ISO 27001, etc.).
  • Proven experience in the financial services sector, preferably in banking.
  • Demonstrated experience in managing audit and regulatory compliance.
  • Proficiency in risk management tools and analytics.

Responsibilities

  • Own and execute Technology Risk Management within the First Line of Defense.
  • Provide oversight to 1A risk owners for identifying and mitigating risks.
  • Serve as a trusted partner to Technology, Product, and Business teams.
  • Lead the assessment and reporting of operational risks in line with firm-wide programs.
  • Monitor technology risk metrics and track remediation progress and sustainability.
  • Prepare technology risk insights and recommendations for senior management.
  • Foster a risk-aware culture and drive organizational improvements.

Benefits

  • Collaborative and inclusive work environment that encourages creativity.
  • Access to tools and technology for enhancing customer experiences.
  • Opportunities to learn from industry leaders from top tech companies.
  • Commitment to employee growth and success in their careers.
  • Flexibility in dress code policy to encourage comfort.
  • Access to extensive online and in-person training resources.
Full Job Description
Requisition ID: 259458

The role:

The Global Head, Technology Risk Officer (TRO) leads the First Line of Defense (1B) Technology Risk and Internal Control function, accountable for the design, implementation, operation, and continuous improvement of technology and cybersecurity risk management practices across the enterprise. The role ensures technology and cybersecurity risks are identified, assessed, mitigated, monitored, and reported in alignment with the firm's risk appetite, regulatory expectations, and business strategy.

This role requires a visionary leader with a deep understanding of cybersecurity principles, risk management, and compliance frameworks. The ideal candidate will possess strong communication and leadership skills, the ability to navigate complex regulatory landscapes, and a commitment to continuous improvement in the face of a rapidly evolving cybersecurity environment.

What will you do?

  • Own execution and accountability for Technology Risk Management and Internal Controls within the First Line of Defense (1B).
  • Provide direction and oversight to Technology 1A risk owners to strengthen their capability to identify, assess, mitigate, and monitor technology and cyber risks.
  • Serve as a trusted 1B Technology Risk partner to Technology, Product, and Business teams.
  • Lead the identification, escalation, monitoring, and measurement of technology and operational risks in alignment with firm-wide risk management programs.
  • Serve as a deep subject matter expert and trusted Technology 1B partner on cybersecurity, resiliency and physical security principles, practices and technologies across key domains, including, Threat and Vulnerability Management, Data Protection, Identity and Access Management, Cyber Incident Response, Cyber Threat Intelligence, Technology Resilience, Third Party Cyber Risk, Physical Security and Application Security.
  • Monitor technology risk KRIs and KPIs, supports review and challenge of remediation and get-to-green plans, and tracks delivery of sustainable risk reduction.
  • Ensures technology risk outcomes remain aligned to the firm's risk appetite and governance expectations.
  • Prepare and presents technology risk insights, trends, and recommendations to senior management and governance forums.
  • Provide 1B risk and control advisory support, including targeted risk reviews, root cause analysis, and development of sustainable mitigation strategies.
  • Implements the firm's technology risk management strategy, ensuring alignment with regulatory and industry standards.
  • Drives a proactive risk and control culture focused on prevention, transparency, and continuous improvement.
  • Partner with Second Line of Defense to support effective review, challenge, and enterprise consistency.
  • Collaborate with Technology leadership, Product Owners, Business Control Managers, and key stakeholders to maintain a comprehensive enterprise technology risk view.
  • Engage with regulators and internal governance bodies, as required.
  • Leads and scales a large, global Technology Risk and Internal Control organization, providing clear direction, priorities, and accountability across multiple teams and geographies
  • Establish a strong operating model, including defined roles, decision rights, escalation paths, and performance expectations.
  • Build a strong leadership bench through coaching, succession planning, and capability development.
  • Drive workforce planning, capacity management, and resource allocation aligned to strategic priorities and regulatory commitments.
  • Foster an inclusive, high-performance culture emphasizing ownership, execution discipline, and continuous improvement.
  • Lead through change, effectively managing organizational complexity while maintaining focus on risk outcomes and control effectiveness.
  • Create an environment in which the team pursues effective and efficient operations of their respective areas in accordance with Scotiabank's Values, its Code of Conduct, and the Global Sales Principles, while ensuring the adequacy, adherence to, and effectiveness of day-to-day business controls to meet obligations with respect to operational, compliance, AML/ATF/sanctions, and conduct risk.
  • Lead and drives a customer focused culture throughout their team to deepen client relationships and leverage broader Bank relationships, systems and knowledge.
  • Build a high-performance environment and implement a people strategy that attracts, retains, develops, and motivates the team by fostering an inclusive work environment and using a coaching mindset and behaviors; communicating vision/values/business strategy; and managing succession and development planning for the team.


What do you need to succeed?

  • University degree in Computer Engineering, Computer Science, Technology, or a related field, with 10+ years of experience in progressively senior security roles within a complex, global organization.
  • Professional certifications in cybersecurity, technology, or risk management (e.g., CISSP, CCSP, CEH, CISM).
  • Strong understanding of regulatory and industry cybersecurity frameworks, including NIST, ISO 27001, FFIEC, OSFI, DORA, PCI DSS, and MITRE ATT&CK.
  • Proficiency in risk management tools and data analytics.
  • Mandatory experience in financial services, with a strong preference for banking.
  • Proven experience leading audit, regulatory, and Second Line of Defense findings, including ownership of remediation planning, execution tracking, and sustainable closure.
  • 10+ years of IT process and control experience, including internal audit, external audit, risk assessment, or issue management functions.
  • Demonstrated experience driving cross-functional, senior executive forums and remediation governance in a global environment.
  • Strong adaptive leadership skills, with the ability to lead effectively through change and ambiguity.
  • Excellent written and verbal communication skills, with the ability to articulate complex security and control concepts to technical and non-technical stakeholders, including senior executives.
  • Strong leadership and collaboration skills, including the ability to influence across all levels of management and manage large, complex initiatives.
  • Fluency in English required; Spanish preferred.
  • Deep practical knowledge of cybersecurity disciplines, including Cloud Security, AI/ML, Network Security, Threat Modeling, Vulnerability Management, and Technology Resilience.
  • Strong analytical and critical-thinking skills to assess business, technical, and operational risks.
  • Proven ability to operate in high-pressure, time-sensitive environments, managing dependencies and competing priorities.
  • Experience with cybersecurity diligence practices, including vulnerability assessments and penetration testing.
  • Experience leveraging AI/ML capabilities to manage risks associated with emerging technologies.


What's in it for you?

  • We have an inclusive and collaborative working environment that encourages creativity and curiosity and celebrates success
  • We provide you with the tools and technology needed to create meaningful customer experiences
  • You'll get to work with and learn from diverse industry leaders, who have hailed from top technology companies around the world
  • We hire you for your talent - not just a job - so you can grow with us. We'll equip you for success not only in your role, but also in your career as a whole
  • Dress codes don't apply here: being comfortable does
  • Access to thousands of online and in-person courses so you can hone your current skills, or learn new ones
  • A competitive rewards package that includes a base salary, a performance bonus, company matching programs on pension and profit sharing, paid vacation, personal & sick days, medical, vision, and dental and much more


Location(s): Canada : Ontario : Toronto

About Scotiabank

Scotiabankers are committed to helping individuals, companies, and communities to thrive in a changing world. From personal and business banking, brokerage, and insurance, to private wealth, and the most sophisticated commercial, corporate and institutional services, they serve the diverse needs of some 21 million customers in more than 55 countries. Founded in 1832 in Halifax, Nova Scotia, their growth has always been fuelled by the success of their customers and their longevity secured by an unshakable commitment to carefully and expertly managing risk and capital. That focus on doing what's right for customers—short- andlong-term—has made us a global financial services leader. Headquartered in Canada, they are over 86, 000 Scotiabankers strong. Each of us are committed to being the best at understanding their customers' needs and all of us working together to deliver practical advice and relevant solutions that help their customers become financially better off.

Scotiabank Careers

Join Scotiabank, a premier financial institution, and become part of a diverse and inclusive team that’s leading the way in global banking. At Scotiabank, we offer more than just job opportunities; we provide a platform for professional growth and innovation in the financial services industry.

Work You’ll Do

At Scotiabank, we’re not just filling positions; we’re cultivating leaders. Dive into a workplace where diversity training and leadership development shape the path to your future. Our commitment to professional growth is evident in our robust training programs and continuous learning opportunities that foster innovation and strategic thinking.

Explore a World of Opportunities

Whether you’re looking for a full-time position, an internship, or a leadership role, Scotiabank has a spectrum of opportunities to fit your career ambitions. Our team is composed of individuals who bring a wealth of skills and perspectives to our company, driving us forward with their creativity and strategic insights.

Innovative Work Environment

Scotiabank’s culture is one of collaboration and respect, where each team member’s contribution is valued. Engage in meaningful work that challenges you to leverage your skills and push the boundaries of what’s possible in the banking sector. Our innovative projects not only support the growth of the company but also ensure our position as a leader in the industry.

Benefits and Growth

Choosing a career at Scotiabank means opting for a life of growth and opportunity. Our employees enjoy competitive benefits, including comprehensive health coverage, retirement plans, and flexible working conditions, all designed to support your career and personal life. We believe in nurturing our team’s potential by providing them with the tools they need to succeed both professionally and personally.

Join Our Team

Ready to take the next step in your career? Explore the job opportunities at Scotiabank by searching our open positions that match your skills and interests. We are continuously hiring and looking for passionate, curious, and solution-driven team players.

Networking and Professional Development

Stay connected and advance your career through Scotiabank’s extensive networking opportunities. Participate in events that connect you with other professionals and leaders within the industry. Our career resources will help you prepare your resume, ace your interviews, and land the job that best suits your career goals.

Stay Ahead

Keep up to date with the latest in career tips, industry insights, and company news—all from the people who work here at Scotiabank. Personalize your experience by subscribing to job alert emails tailored to your preferences and be the first to know about new openings and exciting developments. Join Scotiabank and be part of a team that values integrity, respect, and accountability. Discover how your career can flourish in an environment committed to your professional development and personal growth.
Learn more about Scotiabank
Size
90,619 employees
Market Cap
$57.5 billion
Industry
5 Year Trend
+7%
NASDAQ

Similar Jobs

More Jobs at Scotiabank

More Finance & Insurance Jobs

Find similar Global Head, Technology Risk Officer jobs: