Scotiabank is hiring: Director, Cybersecurity Risk Management in Dallas

Director, Cybersecurity Risk Management

Requisition ID: 245907

Salary Range: 157,700.00 - 264,200.00

Salary offered may vary based on factors, including the successful candidate’s relevant knowledge, skills, and experience.

Location(s): United States: Texas: Dallas

Purpose

The Director, Cybersecurity Risk Management will lead the charge in strengthening Scotiabank’s second line of defense (2LoD) Cybersecurity risk oversight of the first line implementation of cybersecurity programs, initiatives and delivery. This role requires a visionary leader with a deep understanding of cybersecurity principles, risk management, and compliance frameworks.

What You’ll Do

• Partner with global Risk team to develop and maintain a comprehensive Cybersecurity and Technology Risk Management Framework.
• Serve as a subject matter expert and trusted risk oversight partner on cyber risks, regulatory reporting, and audit requirements, supporting requests and providing guidance across key cybersecurity domains including Security Event Detection, Red Team, Cyber Incident Response, Cyber Threat Intelligence, Cyber Assurance, Exercise & Simulations, Technology Resilience, Scenario Analysis, Third Party Cyber and Application Security.
• Conduct effective challenge of high-risk items ensuring actionable risk-based insights and solutions.
• Partner with stakeholders in CISO, business, technology, and all three lines of defense to drive security compliance and awareness.
• Lead risk oversight and challenge of first line risk management strategies and compliance activities ensuring the organization’s cybersecurity posture is robust and resilient.
• Provide insights and recommendations on cybersecurity trends, best practices, internal and external audit reports, and regulatory changes that may impact the organization.
• Identify risk scenarios using the MITRE ATT&CK Framework, calculate scoring, and present to executive leadership to drive risk-based action.
• Collaborate with the Cyber Security Incident Response Team (CSIRT) to ensure timely monitoring, detection, and response to threats.
• Ensure adherence to cyber risk management regulations including FFIEC, OSFI and other applicable laws.
• Build and mentor a high-performing team, providing training and development opportunities to keep team members current.
• Ensure alignment with the Bank’s risk appetite and culture in all activities and decisions.
• Create an environment where the team pursues effective and efficient operations in accordance with Scotiabank’s Values and Code of Conduct.

What You’ll Bring

• University degree in Computer Engineering, Computer Science or related field and a minimum of 10 years’ experience in increasingly senior Information Security roles in a complex global organization.
• Cybersecurity, technology or risk management certifications such as CISSP, CCSP, CEH, CISM etc.
• Strong understanding and experience with regulatory and industry cybersecurity frameworks including CRI Sector Profile, NIST, FFIEC, OSFI, and MITRE ATT&CK.
• Preferred certifications include CISA or equivalent and familiarity with compliance frameworks such as ISO or NIST.
• 10+ years of related IT process experience including internal audit, external audit or risk assessment.
• Experience with financial sector regulatory practices and second line of defense challenge.
• Excellent written and verbal communication skills and ability to communicate security objectives to all stakeholders.
• Strong leadership and collaboration skills; ability to present confidently to senior executives and manage change in high-pressure environments.
• Solid understanding of cybersecurity disciplines Cloud Security, AI/ML, Network Security, Threat Modeling, Vulnerability Management and Technology Resiliency.
• Advanced analytical reasoning skills and problem-solving abilities.
• Proven ability to lead through change, manage dependencies and control change.
• Understanding of cybersecurity diligence methods including vulnerability assessments and penetration testing.
• Ability to influence at all levels of management across functions.

Interested?

If your experience is related but doesn’t align perfectly with every qualification, we encourage you to apply – you might be the right candidate for this or other roles at Scotiabank.

What’s in it for you?

Scotiabank wants you to bring your best self to work. With a focus on holistic well‑being, our flexible benefit programs support your family, financial, physical, mental and social health needs.

Scotiabank is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other characteristic protected by federal, state or local law.