Audit Manager, Emerging Risk & Cyber Security Audit

 
 
Requisition ID: #
Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.
Purpose
Contributes to the overall success of the Emerging Risk & Cyber Security Audit in ensuring specific individual goals, plans, initiatives are executed / delivered in support of the team’s business strategies and objectives.  Ensures all activities conducted are in compliance with governing regulations, internal policies and procedures. As an Audit Manager you will participate in the execution of risk-based technology audits, across Digital Banking, Cloud, and Architecture, of medium to high complexity to provide opinions on the effectiveness of controls to meet business objectives. In addition, you are expected to be knowledgeable in risks associated with systems development methodologies (Waterfall and Agile), Cyber Security, automation and orchestration, and outsourced IT services.
Accountabilities
The incumbent will be required to work as part of a team that assesses the design and operational effectiveness of governance and internal controls relating to the digital banking, cloud services, Cyber Security, data protection and management, outsourcing, infrastructure, and project management. Apart from the technical skills noted, the incumbent should be proficient at applying risk-based auditing standards, practices, techniques, processes, internal/external methodologies and regulatory guidelines to the performance and review of audits. The Bank’s Internal Audit Department plays a key role in the risk management process of the Bank.
A significant portion of the accountabilities will relate to providing assurance over the Bank's Cyber Security and IT general controls across digital banking (web and mobile applications development) and cloud services in an Agile environment using SecDevOps, microservices architecture, and third-party outsourcing as follows:
style="margin-bottom:1.0px;margin-top:1.0px"-
-Execute risk-based information technology audits of moderate to high complexity and conclude whether risks are appropriately managed through the existence of effective control or other techniques.
-Follow the Audit Standard Guidelines of the Bank and specific application, project and operations audit methodologies.
-Ensure that audit conclusions and recommendations are properly supported by an orderly accumulation and analysis of documented audit evidence, and that the audit report content is clear, concise and supported by the audit work completed.
-Perform accountabilities with some supervision and provide audit management and audit client with regular status updates of the assignment. The incumbent is expected to seek and obtain direction, perspective and resources as required in order to complete the assigned audit on time and within budget.
-Prepare and discuss audit findings with clients; identifying significant issues in a business context, working with audit clients to identify and recommend feasible solutions.
-Establish and maintain positive relationship management with audit clients.
-Maintain information security competency through ongoing professional development and staying abreast of technical matters in the industry.r
-Champions a customer focused culture to deepen client relationships and leverage broader Bank relationships, systems and knowledge.
-Understand how the Bank’s risk appetite and risk culture should be considered in day-to-day activities and decisions.
Skills, Experience & Functional Competencies
-3-5 years of experience in information technology, information security, Cyber Security, IT risk, IT audit or a related field.
-Good knowledge of IT processes such as digital banking, cloud engineering and operations, IT and Cyber Security.
-Excellent written and verbal communication skills.
-Some knowledge and experience with security assessment tools (e.g., exploit tools, vulnerability assessment) would be an added advantage.
-Ability to work independently and as part of a team of professionals.
-Working knowledge of primary Bank business areas (e.g., retail banking) would be an asset.
Education and Other Requirements
-Bachelor’s degree in information technology, computer science or equivalent required.
-One or more of the following certifications: CISA, CISM, CRISC, CRMA, CCSP or working towards achieving these.
-Good analytical skills and proficiency with Microsoft Word, Excel, and PowerPoint.
Location(s):  Canada : Ontario : Toronto 
Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.  
At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.