We are seeking a skilled IT Risk Specialist to join our team at ScotiaTech in Bogota. This role will play a key part in promoting a strong risk culture and ensuring the effective implementation of IT risk management controls. Key Responsibilities - Contribute to the overall success of first line Technology as well as Internal Controls & Regulatory Management (ICRM) by executing individual goals, plans, and initiatives in support of IT&S; and business strategies. - Support the IT Risk / ICRM Team in assessing, evaluating, and quantifying IT risk, designing controls, and implementing them within the business line. Accountabilities - Provide ongoing guidance to support the implementation of, and compliance to established IT Standards, Policies, Procedures, regulatory and cyber requirements. - Support 1st Line of Defense (1A) teams, Risk owners, to build their capability to identify, assess, mitigate and monitor risks associated with their use of information and IT systems. - Conduct risk assessments, Risk Control Self-Assessments (RCSAs), and ensure observations, issues, and outputs are recorded in enterprise tools. - Identify, review, and triage risk incidents, and support root cause analyses. - Ensure that IT Risk assessments and outputs are recorded in enterprise tools and that status is updated periodically. - Perform gap analyses to identify non-compliance with new risk controls, frameworks, policies, risk indicators, metrics, and limits. - Monitor performance of KPIs and KRIs, operationalize programs to improve KRI performance to meet bank's risk tolerance. - Support IT Risk / ICRM team to provide governance of and track SOX evidence collection. - Advocate for IT Risk / ICRM and promote a strong risk culture in partnership with the risk owner.