Our Ability Jobs

Director, IAM Service Delivery

Requisition ID: 206208

Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.

The Director, GIAM (Global Identity & Access Management) IAM risk and regulatory service delivery will lead the regulatory reporting for the IAM workstream, standard measurement and adherence, centralized exception management, support for compliance testing and regulatory responses, and develop compliance measurements and risk thresholds to accelerate risk reduction and improve regulatory compliance across Scotiabank. This transformation requires a dynamic leader who can engage horizontally across multiple lines of business, CIO technology teams, and all three lines of defense.

The role will have oversight of account lifecycles and tightly define mandatory and preferred controls. This role will also work with the IS&C governance team to update authentication and access management standards and accompanying procedures and policies, as required, to ensure clarity of accountability. In addition, this role will partner closely with central security governance services to define metrics and risk thresholds. This role will also interface with the bank’s regulatory relations team to prepare responses and meetings.

The incumbent will lead the development of a regulatory response and compliance program for Identity and Access Management.

Is this role right for you?

Develop a Strategy for IAM Governance and the Bank’s IAM On-boarding Roadmap

• In partnership with IAM Product and Architecture, provide governance for IAM solutions and initiatives across global channels.

• Develop mandatory and optional controls for application, platform and human adoption.

• Contribute to the Enterprise IAM technology roadmap and recommend capabilities for engineering and implementation.

• Work with existing governance teams to author standards that inform accountability and enable proper risk management and governance.

• Work with standards and governance partners to develop a gap analysis and develop adoption expectations, impacts, and compliance dates.

Partner with CIO Partners and Business Channels, teams to develop a control program and drive control adoption

• Chair the newly formed Identity and Access Management Cross-Functional Leadership Council.

• Establish strong partnerships with channels and service communities accountable for building and integrating into IAM services.

• Facilitate, influence, and govern to institute best practices defined through security engineering and enterprise IAM patterns, designs, and implementation blueprints.

• Work with risk partners to share subject matter expertise, representing IAM on cross-functional transformational programs, to drive priorities and risk reduction.

Partner with Enterprise Security Services, Cybersecurity Operations, Enterprise Platforms, Architecture, and Corporate Security

• Fortify alignment between access management standards and control adoption.

• Support cybersecurity operations on anomalies and potential insider incident investigation.

• Partner with enterprise data enablement and architecture teams on global identity strategy, focusing on risk measurement and controls.

Drive Continuous Evolution of IAM Control Improvements and Risk Reduction

• Development with IAM Engineering, risk partners, CIO teams, platform leaders, regional CISOs, and all lines of defense on continuous enhancement and risk reduction.

• Participate in audits where IAM is engaged either directly or tangentially in support of other teams.

• Work with Control Testing teams to develop appropriate tests and plug control gaps expeditiously when found.

• Contribute to regulatory meeting materials and attend to represent if required.

People Leader

• Lead a dynamic department of security business analysts, onboarding professionals and technical operators of 5 FTEs and scaling bench of contractors and vendors if required.

• Participate in risk committees and steering councils to represent Identity and Access Management incorporated into enterprise decisions.

• Participate in major policy and governance initiatives as the access management subject matter expert (e.g., standard updates, regulatory materials).

• Design controls to meet bank security needs and regulatory requirements.

• Define the strategy for control design and adoption in relation to architectures of applications, programs, and initiatives.

• Standardize security controls across the enterprise through blueprints, designs, patterns, and governance.

• Support critical Bank initiatives from the overall security architecture relevant to and consistent with the objectives of the regulatory matters.

• Lead and drive a client focused, practical, and secure culture throughout the team. Deepen peer relationships and leverage broader Bank relationships, systems, and knowledge.

• Interface routinely with peers in financial services and other industry sectors to share best practices and gain insight into industry trends and experiences. Serve as an expert spokesperson, as appropriate and approved, for BNS direction.

• Strong partnership with peers, technology leads and leaders across IS&C and IT&S.

Do you have the skills that will enable you to succeed in this role?

• University degree, preferably in Cybersecurity, Engineering, Computer Science or related field, and a minimum of 10 years’ experience in Information Security leadership roles, with at least 5 years leading a Security function in a complex, global organization. 5 years with experience building and running enterprise programs. Financial services and, specifically, banking experience is highly desired.

• Detailed knowledge of, and experience working with, one or more formal security frameworks. Detailed knowledge of Canadian and US security regulations is highly desired.

• Demonstrated ability to lead global teams in a highly complex and matrixed organization. Ability to lead through influence, excellence and example is essential to success.

• Strong leadership and collaboration skills. Excellent oral and written communication, ability to present confidently to senior executives, attention to detail and strong planning and management ability.

• The incumbent must be a very strong leader, with demonstrated ability to lead diverse teams and build and maintain credibility with technical and non-technical stakeholders, alike. Deep knowledge of relevant technologies must be combined with the ability to lead highly technical teams, strong business acumen and excellent communication and listening skills.

• The incumbent should have experience as a key partner in global technology transformation efforts, demonstrating the ability to inspire and align diverse points of view, drive efficient and effective decision-making, and to deliver and support a robust information security governance framework.

• Deep and broad knowledge of enterprise and security technologies is expected. Specific strong knowledge and experience with identity, common hosting, storage and networking technologies, as well as cloud, is required.

• The incumbent should have experience delivering excellent results in a large, complex and global environment with a mix of emerging, current and legacy technology. Familiarity and direct experience with outsource delivery models is essential, and experience with successful repatriation of services is highly desired.

• Experience with and knowledge of formal project management methodologies is desired.

• English fluency required, Spanish ability a plus.

Location(s): Canada : Ontario : Toronto

Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.

At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, pleaseclick here (https://www.scotiabank.com/careers/en/careers/technical-support-for-applicants.html) . Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.