Enable job alerts via email!
Senior Manager, Model Validation
Scotiabank
Toronto
On-site
CAD 75,000 - 95,000
Full time
Generate a tailored resume in minutes
Land an interview and earn more. Learn more
Job summary
A leading Canadian bank is seeking an IT Risk Analyst in Toronto to review and manage IT risk findings across multiple regions. The analyst will assess compliance issues, coordinate audits, support project risk assessments, and communicate with stakeholders on remediation plans. Preferred qualifications include experience in banking risk functions and familiarity with tools like Archer and Tableau. This position requires a strong independent professional dedicated to improving risk management practices.
Qualifications
- Experience in banking, finance IT, or wealth management risk functions is preferred.
- Familiarity with risk management and reporting tools is essential.
- Ability to work with global teams on cross-regional risk issues.
Responsibilities
- Review and assess IT risk findings from application teams.
- Coordinate audits and facilitate compliance with security standards.
- Support project risk assessments and ensure accuracy of risk documentation.
- Communicate effectively with stakeholders about risk findings.
- Identify gaps in risk management practices and propose improvements.
Skills
Tools
IT Risk Analyst – Toronto (minimum 4 days onsite) – Canada
The IT Risk Analyst will be responsible for reviewing, documenting, and managing IT risk findings across multiple regions (UK, Toronto, India). This role requires a senior, independent professional with a strong understanding of IT risk standards, audit processes, and the ability to challenge and improve risk management practices within the organization.
- Review and Assess IT Risk Findings
- Evaluate risk findings created by application teams, focusing on non‑compliance issues (e.g., NPIDs, vulnerabilities, DLP, expired passwords).
- Ensure findings are properly documented and milestones for remediation are tracked and addressed.
- Play a review role rather than direct remediation; ensure standards are followed and findings are closed appropriately.
- Audit Coordination
- Work closely with internal and external auditors, project teams, and operational risk teams to provide evidence and meet audit requirements.
- Facilitate audits, including application security, data security, IAM, PAM, and compliance (e.g., GDPR, NYDF).
- Coordinate quarterly/monthly governance calls to highlight risk issues and progress.
- Project Risk Assessment
- Support project risk assessments, including preparing and reviewing documents such as IRP (Integrated Risk Profile), IT Risk Triage, and related artifacts.
- Collaborate with PMs, tech leads, and custodians to ensure risk documentation is complete and accurate.
- Communication & Stakeholder Management
- Ensure effective communication with application teams, auditors, and other stakeholders regarding risk findings and remediation plans.
- Make teams accountable for addressing findings and ensure timely follow‑up.
- Process Improvement
- Identify gaps in current risk management practices and propose improvements.
- Support the development and refresh of risk integration activities, crown jewel reviews, and app lists.
- Prior experience in banking, finance IT, or wealth management risk functions.
- Familiarity with Archer, Tableau, and other risk management/reporting tools.
- Experience working with global teams and managing cross‑regional risk activities.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
