Associate Director, Cyber and IT Risk and Reporting

What is the Opportunity?

As part of the Group Risk Management (GRM) U.S. IT and Cyber risk management team, the Associated Director, Cyber and Technology Risk will be responsible for overseeing RBC’s Combined U.S. Operations (CUSO) Identity and Access Management (IAM) risk management reporting frameworks and enhancing IT risk reporting capabilities. This role requires strong collaboration with our business aligned risk leads and across functional groups in first line of
defense (1LOD), Regulatory Relations, internal audit, enterprise IT and cybersecurity risk management team, to identify, assess, and mitigate IT and Cybersecurity risks with the focus on Identity and Access management (IAM) ensuring effective communication with senior management and stakeholders.

You will support the Second Line of Defense Cyber and IT Risk Management leadership within the U.S. IT & Cyber Risk team in delivering various oversight and challenge processes including: enhancing and standardizing CUSO IT & Cyber risk reporting process; developing and utilizing effective risk appetite metrics that provide insights into current risk level; tracking and reporting on the status and quality of key IAM Risk Management programs; and, contributing to the development of enterprise and CUSO policies and standards governing
Identity and Access Management Risk.

What will you do?

• Participate in and contribute to IT and Cybersecurity risk metrics and risk appetite development and ensure alignment with US risk reporting requirements.

• Monitor the CUSO IT & Cyber risk metrics and provide opinions and challenge on key risk indicators.

• Engage with CUSO business aligned risk leads and the Enterprise IT and cybersecurity risk management team to create and maintain the Technology and Cyber Risk Profile for the CUSO portfolio, ensuring they reflect accurate and complete IT and Cyber risk posture and compliance status.

• Leverage data driven analytics and business intelligence to identify trends, key areas of risk and leading risk indicators and provide opinions and insights that inform information risk mitigation strategies with our stakeholders.

• Prepare and present executive-level reports that summarize complex IT and cybersecurity risks based on data and metrics with a business context lens that provides risk intelligence to executive leadership.

• Develop engaging PowerPoint presentations that effectively communicate risk findings and recommendations. Collaborate with senior management, IT and cross-functional teams to communicate emerging risks and facilitate risk remediation efforts.

• Lead IT and Cybersecurity Risk Management committee presentations to promote risk awareness across the organization.

• Develop and maintain key internal and external relationships to provide advice and oversight on standard compliance, support operational risk program adherence and effective incident reporting.

What do you need to succeed?

• 5+ years of experiences in identity and Access Management, IT and cybersecurity risk management, IT Security, compliance, audit or related roles with a focus on assessing and mitigating access-related risks , preferably in a large, global financial services company

• Bachelor’s degree in Information Technology, Risk Management, Finance, or a related field

• Demonstrated ability to identify and analyze IAM-related risks, including access control gaps, excessive privileges, or segregation of duties violations

• Detail-oriented and action-oriented individual who continually strives for improvement.

• Proven experience in senior management or executive reporting with a strong emphasis on effective communication and presentation skills

• Strong understanding of regulatory frameworks (e.g., NIST, FFIEC) and IT and cybersecurity risk management principles and standards, Information Security and/or IT Risk domains

• Ability to work collaboratively with diverse groups and cross-functional teams to address emerging risks and facilitate ongoing risk remediation

• Proficiency in risk management tools, data analytics software such as Tableau, Microsoft Excel and PowerPoint

• Strong problem-solving abilities and a strategic mindset

• Excellent interpersonal skills and relationship management skills with the ability to present information effectively, able to inspire trust and engage stakeholders at all levels

• Excellent analytical, communication, and presentation skills, with the ability to convey complex concepts to diverse audiences

• Certifications in IT or cybersecurity risk management (e.g., CRISC, CISM, CISSP, or similar) preferred

• Identity Access Management preferred

What’s in it for you?

We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.

• A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable

• Leaders who support your development through coaching and managing opportunities

• Ability to make a difference and lasting impact

• Work in a dynamic, collaborative, progressive, and high-performing team

• Opportunities to do challenging work

• Opportunities to build close relationships with clients

The good-faith expected salary range for the above position is $110,000 - $190,000 (New Jersey), $85,000 - $150,000 (Minnesota) depending on factors including but not limited to the candidate’s experience, skills, registration status; market conditions; and business needs.  This salary range does not include other elements of total compensation, including a discretionary bonus and benefits such as a 401(k) program with company-matching contributions; health, dental, vision, life and disability insurance; and paid time-off plan. RBC’s compensation philosophy and principles recognize the importance of a highly qualified global workforce and plays a critical role in attracting, engaging and retaining talent that:

• Drives RBC’s high performance culture

• Enables collective achievement of our strategic goals

• Generates sustainable shareholder returns and above market shareholder value

#LI – Hybrid

#LI – POST

Job Skills

Communication, Cyber Risks, Emerging Risks, Financial Regulation, Information Technology (IT) Risk Management, Risk Appetite, RiskMetrics, Risk Mitigation Strategies, Risk Profile, Risk Reporting, Strategic Risk Management

Additional Job Details

GOLDMAN SACHS TOWER, 30 HUDSON STREET:JERSEY CITYJersey CityUnited States of America40Full timeGROUP RISK MANAGEMENTRegularSalaried2025-01-222025-03-31

Note: Applications will be accepted until 11:59 PM on the day prior to the application deadline date above