Requisition ID: 267276
Salary Range: -
Please note that the Salary Range shown is a guideline only. Salary offered may vary based on factors, including, but not limited to, the successful candidate's relevant knowledge, skills, and experience.
Purpose
Contributes to the overall success of the Technology, Risk and Control Self-Assessment program globally ensuring specific individual goals, plans, and initiatives are executed/delivered in support of the team's business strategies and objectives. Ensures all activities are conducted in compliance with governing regulations, internal policies and procedures.
The Manager, Technology RCSA supports the execution of the Technology Risk & Control Self-Assessment (RCSA) program. The role is responsible for hands-on coordination, analysis, and documentation of Technology RCSAs, contributing to disciplined risk identification, control assessment, and clear risk outcomes
What You'll Do
• Support end-to-end execution of Technology RCSAs across assigned systems, platforms, and services.
• Coordinate risk identification sessions, inherent risk scoring, control mapping, and residual risk assessments.
• Gather, analyze, and document risk and control information in accordance with approved RCSA methodology.
• Assess control design and operating effectiveness across key technology domains (e.g., access management, change management, resiliency, third-party risk).
• Identify control gaps, emerging risks, and required remediation actions and escalate material issues as appropriate.
• Support validation of assessment outcomes with First Line stakeholders. Stakeholder Coordination
• Partner with First Line Technology teams to collect required data and supporting evidence.
• Coordinate with Second and Third Line teams to support review and challenge processes.
• Maintain accurate documentation, issue logs, and remediation tracking for assigned RCSAs
• Contribute to RCSA status updates, findings, and emerging risk themes.
• Assist in preparing summaries and materials for senior management and governance forums.
• Support continuous improvement of RCSA tools, templates, and procedures.
• Apply quality standards and escalate risks, issues, or execution challenges as appropriate.
What You'll Bring
• Hands-on experience executing risk assessments or similar governance processes.
• 5-8+ years of experience in Technology Risk, Operational Risk, IT Audit, or RCSA within a large financial institution. Foundational understanding of technology and cyber risks, strong analytical skills, and experience working in a regulated environment.
• Industry certifications desirable (e.g. CISSP)
• Knowledge of relevant regulatory rules (OSFI, FFIEC, NYDFS 500) and frameworks (NIST, COBIT) is preferred
• Experience supporting regulatory compliance and risk management frameworks (e.g., NIST, ISO, FFIEC) is preferred.
• Bachelor's degree in Information Systems, Computer Science, Risk Management, or related field.
Interested?
If your experience is closely related but doesn't align perfectly with every qualification, we do encourage you to apply - you might be the right candidate for this or other roles at Scotiabank!
What's in it for you?
Scotiabank wants you to be able to bring your best self to work - and life, every day. With a focus on holistic well-being, our many flexible benefit programs are designed to help support your unique family, financial, physical, mental, and social health needs.
#Dallas
Location(s): United States : Texas : Dallas