A Best Workplace
Scotiabank is a premier financial institution and Canada’s most international bank recognized as a Best Workplace®, in Canada, Mexico, El Salvador, Costa Rica, Puerto Rico, Dominican Republic, Panama, Peru, Chile and Latin America by the Great Place to Work® Institute.
A multinational winning team
Scotiabank is Canada’s international bank and a leading financial services provider in North America, Latin America, the Caribbean and Central America, and parts of Asia. We are dedicated to helping our 21 million customers become better off through a broad range of advice, products and services, including personal and commercial banking, wealth management, corporate and investment banking.
Corporate Social Responsibility
Scotiabank helps to build bright futures worldwide through ethical banking practices, environmental awareness and a commitment to communities.
To safeguard the information assets of the Bank from the consequences of non-compliance with privacy-legislation, ineffective management of our liability on customer and employee personal information, regulatory sanction or damage to reputation by: establishing subject matter expertise in IT and Operational privacy controls and practices, identifying sources of best and leading industry IT and Operation privacy and risk-mitigation practices; establishing process to identify and assess risks in the Bank’s personal information repositories; assessing risk-mitigation practices to privacy exposures in the outsourced technology operation, by developing standards and control guidance, providing consulting and advisory services across the lines of business, and by building relationships with key IT service providers and business partners at the Bank.
– Administering the Privacy Impact Assessment process, which involves assessing the privacy impact of all new technologies, services, processes and vendor relationships that involve the collection, use, disclosure and processing of customer and employee personal information. This includes building process for new as well as legacy projects and risk assessing these projects.
– Researching and supporting the establishment of core competency in international data-transfer legislation and practice, trans- and cross border data transfers, and identifying changes in international legislation; assessing operational impacts of the same, and advising IT&S on the trends in future control requirements.
– Supporting and administering the self-assessment exercise by: support the business in assessing privacy risks and controls, completing the Global Operational Risk annual report and following up where necessary to ensure action plans are complete. We will also contribute compliance-related content to the report.
– Supporting the Privacy Office’s projections and safeguards over sensitive Bank personal information by assessing the impact of innovations in support of digital technology, including social media, tracking and profiling, and data analytics. Assessing the impact of changes in cloud and third party vendor management, new delivery channels such as mobile, and
– Implementing assessment mechanisms over third party and international data centers as a result of outsourced or cloud-enabled projects, including the analysis of Service Auditors reports and similar audit and third party attestations.
– Operating the monitoring and oversight program by: reviewing reports received by partners throughout the Bank (e.g., Branch Review Teams, Employment Law Group, Human Resources, Internal Audit, Symcor, etc.) for systemic or other issues; escalating or initiating corrective action as required; and documenting actions in accordance with the Privacy Office’s monitoring and testing program.
– Executing and documenting testing activities in accordance with the Business Conduct and Privacy Unit Compliance Oversight Plan.
– Manage and assist the Senior Manager with compiling all risk and control reports to develop dashboard reporting regarding scope and coverage of the privacy program. Provide metrics and develop analytics based on breaches, risk present, controls and remediation procedures implemented enterprise-wide.
– This includes: maintaining an up-to-date list of Business Unit Privacy Officers, in accordance with the Privacy Handbook; acting as the Secretary of the Canadian and Quarterly Privacy / Compliance Officers Committee; and supporting the Senior Manager’s efforts to build Business Unit Privacy Officer / Compliance Officer capacity.
Other Duties and projects as assigned
- University degree, preferably with an accounting, audit, information technology background or related field.
- Certified Information Privacy Professional (Canada), or a related or similar qualification, or willingness to complete the certification.
- Information Security qualifications, e.g., a Certified Information Systems Security Professional designation
- Experience working in a diversified financial services company or established privacy department
- Financial services compliance experience and qualifications, e.g., Certified Financial Crimes Specialist
- Knowledgeable about global privacy and information security regulations, enforcement trends and best-practices;
- Familiar with information privacy concepts, financial services technology, systems and processes;
- Knowledgeable as to the uses of technology in online marketing, including the tracking of consumer behaviours online and best practices to present internet users with privacy notices and consumer choices;
- Experienced at using technology to support compliance programs;
- Skilled in communicating both verbally and in writing with all levels including branch staff, operational and senior management, regulators and customers;
- Proficient at written and verbal communications, in particular, the development of succinct and useful reporting on compliance issues for an Executive Management audience.
- The ability to produce high quality dashboard reporting.
- Spanish speaking and writing skills
Scotiabank is committed to providing an inclusive and accessible candidate experience. Only those candidates selected for an interview will be contacted. If you require accommodation during the recruitment and selection process, please let us know. We will work with you to meet your needs.