Associate Director, Cyber and Tech Risk

Job Summary

Job Description

What is the opportunity?

This includes: providing an opinion on RBC’s Technology risk posture, developing Key Risk Indicators to measure and monitor Cyber & Technology Risk and contributing to the development of enterprise policies and standards governing Technology Operations and Infrastructure Risk.

You will support Operational Risk Management leadership within Group Risk Management in delivering various oversight and challenge processes, including: tracking and reporting on status and quality of key operational and technology risk programs; developing and utilizing effective risk appetite metrics that provide insights into current risk level; identifying issues with policy compliance through analysis and testing of controls; monitoring and assessing technology; and performing thematic reviews to investigate issues and providing value add recommendations.

• Leverage data driven insight and provide opinions and challenge on key risk indicators.
• Support the completion of thematic reviews, scenario analysis, external event analysis, new change initiative assessments and development of risk profiles that can be leveraged to report to senior management, board and regulators
• Provide 2nd line of defense effective oversight and challenge for T&O Operational and IT risk programs such as Risk and Control Self-Assessments, Operational Risk Event Reviews, IT Risk Assessments, Integrated Risk Profiles to validate the business is operating within Risk Appetite.
• Champion risk management rather than risk avoidance, by seeking solutions.
• Maintain and grow knowledge of emerging technologies, threats/vulnerabilities and risk management practices and their implications to the business platform.
• Support the business by challenging that appropriate IT risk requirements are embedded into third party contracts as contractual remedies.
• Maintain assigned Domain Risk Profiles to provide a strong fact based opinion on the IT Risk profile
• Develop quarterly profile across all Cyber and IT Risk Categories and Scenarios.
• Operate a one front door policy by ensuring effective support of business requests and follow through.
• Develop and maintain key internal and external relationships in order to provide advice and oversight on standard compliance, support operational risk program adherence and effective incident reporting

What do you need to succeed?

Must-have:

• Working experience in developing/supporting Information Technology, ideally in financial services or other regulated industries (insurance, healthcare, etc)
• Expert knowledge of Cyber Security concepts, methodology, processes and procedures and controls.
• 5 years’ experience in in risk identification, aggregation, analysis, and ranking
• Strong metrics and performance management background including data management and analysis
• Ability to gain credibility and influence in a federated environment and diverse processes and partner with groups across divisions to get visibility to key technology risks
• Very strong interpersonal and communication skills; ability to communicate with and present to people in wide variety of areas and at various levels from technical specialists and business partners, to senior executives.

Nice-to-have:

• Experience in a larger financial services company
• Knowledge of Project Management (PMF) process/disciplines
• CRISC or other Information Security Certifications

We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.

• A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable.
• Leaders who support your development through coaching and managing opportunities.
• Ability to make a difference and lasting impact.
• Work in a dynamic, collaborative, progressive, and high-performing team.
• Flexible work/life balance options.
• Opportunities to do challenging work.
• Opportunities to take on progressively greater accountabilities.
• Opportunities to building close relationships with clients.

#LI-HYBRID

#LI-POST

Job Skills

Business Continuity and Disaster Recovery (BCDR), Cyber Security Management, Firewall Management, Information Security Auditing, Information Security Operation Center (ISOC), IT Network Security, Operational Delivery, Problem Management, Process Management, Threat Management

Additional Job Details

Address:

20 KING ST W:TORONTO

City:

TORONTO

Country:

Canada

Work hours/week:

1. 5

Employment Type:

Full time

Platform:

GROUP RISK MANAGEMENT

Job Type:

Regular

Pay Type:

Salaried

Posted Date:

2025-01-21

Application Deadline:

2025-02-28

Note: Applications will be accepted until 11:59 PM on the day prior to the application deadline date above

Inclusion and Equal Opportunity Employment

At RBC, we embrace diversity and inclusion for innovation and growth. We are committed to building inclusive teams and an equitable workplace for our employees to bring their true selves to work. We are taking actions to tackle issues of inequity and systemic bias to support our diverse talent, clients and communities.

We also strive to provide an accessible candidate experience for our prospective employees with different abilities. Please let us know if you need any accommodations during the recruitment process.

Join our Talent Community

Stay in-the-know about great career opportunities at RBC. Sign up and get customized info on our latest jobs, career tips and Recruitment events that matter to you.

Expand your limits and create a new future together at RBC. Find out how we use our passion and drive to enhance the well-being of our clients and communities at jobs.rbc.com.