Royal Bank of Canada

Associate Director, Cyber and Technology Risk

Toronto, Ontario Vancouver, British Columbia
Oracle SQL API
Description

Job Summary

As part of the Group Risk Management’s Enterprise Resilience Risk team, the Associate Director, Cyber & Technology Risk will be responsible for providing challenge and oversight on cybersecurity programs, cyber technology, and cyber operations teams. You will be responsible to provide an opinion on RBC’s cybersecurity risk posture, developing / overseeing cybersecurity Key Risk Indicators to measure and monitor risk and contributing to the development of enterprise policies and standards governing global cyber security.

Job Description

What is the opportunity?

As part of the Group Risk Management team, the Associate Director, Cyber and Technology Risk will support IT/Cyber Risk Management leadership within Enterprise Resilience Risk team  in delivering various oversight and challenge processes including: tracking and reporting on status and quality of key Cyber/Technology Risk programs; developing and utilizing effective risk appetite metrics that provide insights into current risk level; identifying issues with policy compliance through analysis and testing of controls; monitoring and assessing cyber/technology incidents; and performing thematic reviews to investigate issues and providing value add recommendations.

What will you do?

  • Leverage data driven insight and provided opinions and challenge on key risk indicators.
  • Support the completion of thematic reviews, scenario analysis, external event analysis, new change initiative assessments and development of risk profiles that can be leveraged to report to senior management, board, and regulators.
  • As second line of defense, work closely with first line to provide effective and cyber/technology oversight and challenge for T&O Operational and IT risk programs such as Risk and Control Self-Assessments, Operational Risk Event Reviews, IT Risk Assessments, Integrated Risk Profiles to validate the business is operating within Risk Appetite.
  • Champion managing risk rather than risk avoidance, by seeking solutions.
  • Maintain knowledge of emerging technologies, threats/vulnerabilities and risk management practices and its implications to the business platform.
  • Maintain assigned Domain Risk Profiles to provide a strong fact-based opinion on the Technology Risk profile.
  • Maintain a monthly risk profile across Technology Risk categories.
  • Operate a one front door policy by ensuring effective support of business requests and follow through.
  • Develop and maintain key internal and external relationships to provide advice and oversight on standard compliance, support operational risk program adherence and effective incident reporting.
  • Provide oversight and challenge on the management of significant cyber incidents.
  • Support cyber/technology related regulatory examinations / requests / assessments / reporting.
  • Recommend changes to Cyber & IT Risk policies/standards to maintain currency in ensuring relevance to emerging technologies and delivery models.
  • Develop and maintain key Technology relationships to provide expertise and oversight on new initiatives.
  • Keep abreast of emerging technology threats.  
  • Proactively manage complex and sometimes competing relationships with key local, regional, and global stakeholders on a regular basis
  • Develop strong relationships within GRM and Operational Risk teams in support of common objectives and goals

What do you need to succeed?

Must Have:

  • 5+ years’ of risk management experience in cyber and technology security.
  • 5+ years’ work experience in a mid-large size organization.
  • Strong knowledge of cyber security standards, risks, threats, prevention measures, and best practices.
  • Strong knowledge of security operations, identity and access management , information protection concepts and techniques, cloud security, network security
  • Strong knowledge in IT and operational risk management processes, methods and tools
  •  3+  years’ experience in developing and supporting  infrastructure and technology operations in areas such as DevOps, architecture, disaster recovery, operational resilience, IT Asset Management, incident and problem management
  • Good Technical knowledge and experience covering the operating systems (e.g. Unix, Windows, zOS,) and database systems (e.g. Oracle, SQL Server, Sybase, DB2) and middleware (e.g. Tomcat, JBOSS, IIS)

Nice-to-Have:

  • Working knowledge of various IT risk frameworks, methodologies, leading industry/assurance standards and regulations, as well as attestation reporting frameworks, such as NIST, COBIT, SOC2 reporting framework
  • Solid understanding of current / emerging technology
  • Working knowledge of modern technologies  (e.g. Cloud, APIs, DevOps)   
  • Strong knowledge of technology standards, and best practices.
  • Working knowledge of GRC tools (e.g., Archer, ServiceNow, etc.)
  • Project management

What is in it for you?

We thrive on the challenge to be our best, progressive thinking, to keep growing, and working together to build and deliver trusted reporting to help our stakeholders succeed and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.

  • A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation
  • Ability to make a difference and lasting impact
  • Work in a dynamic, collaborative, progressive, and high-performing team
  • Opportunities to take on progressively greater accountabilities

Job Skills

Cyber Operations, Cyber Risks, Cybersecurity, Cyber Security Management, Cybersecurity Risk Management, Decision Making, Detail-Oriented, Emerging Technologies, Encryption Software, Group Problem Solving, High Impact Communication, Information Security Management, Information Technology (IT) Risk, Information Technology Security, Key Risk Indicators, Leadership, Operational Risks, Risk Appetite, Risk Assessments, Risk Control, Risk Management, Risk Profile, Strategic Thinking

Additional Job Details

Address:

20 KING ST W:TORONTO

City:

TORONTO

Country:

Canada

Work hours/week:

37.5

Employment Type:

Full time

Platform:

GROUP RISK MANAGEMENT

Job Type:

Regular

Pay Type:

Salaried

Posted Date:

2024-10-08

Application Deadline:

2024-12-21

Note: Applications will be accepted until 11:59 PM on the day prior to the application deadline date above

Inclusion and Equal Opportunity Employment

At RBC, we embrace diversity and inclusion for innovation and growth. We are committed to building inclusive teams and an equitable workplace for our employees to bring their true selves to work. We are taking actions to tackle issues of inequity and systemic bias to support our diverse talent, clients and communities.
​​​​​​​
We also strive to provide an accessible candidate experience for our prospective employees with different abilities. Please let us know if you need any accommodations during the recruitment process.

Join our Talent Community

Stay in-the-know about great career opportunities at RBC. Sign up and get customized info on our latest jobs, career tips and Recruitment events that matter to you.

Expand your limits and create a new future together at RBC. Find out how we use our passion and drive to enhance the well-being of our clients and communities at jobs.rbc.com.

Royal Bank of Canada
Royal Bank of Canada
Banking Financial Services Wealth Management

0 applies

2 views

Other Jobs from Royal Bank of Canada

Senior Software Developer

Toronto, Ontario Canada

Branch Manager Intern

Halifax, Canada

Similar Jobs

Senior Full Stack Developer/Tech Lead

Bengaluru, India Remote Hybrid

Senior Software Developer

Toronto, Ontario Canada

Data Engineer 1

Remote Philippines

There are more than 50,000 engineering jobs:

Subscribe to membership and unlock all jobs

Engineering Jobs

60,000+ jobs from 4,500+ well-funded companies

Updated Daily

New jobs are added every day as companies post them

Refined Search

Use filters like skill, location, etc to narrow results

Become a member

🥳🥳🥳 401 happy customers and counting...

Overall, over 80% of customers chose to renew their subscriptions after the initial sign-up.

To try it out

For active job seekers

For those who are passive looking

Cancel anytime

Frequently Asked Questions

  • We prioritize job seekers as our customers, unlike bigger job sites, by charging a small fee to provide them with curated access to the best companies and up-to-date jobs. This focus allows us to deliver a more personalized and effective job search experience.
  • We've got about 70,000 jobs from 5,000 vetted companies. No fake or sleazy jobs here!
  • We aggregate jobs from 5,000+ companies' career pages, so you can be sure that you're getting the most up-to-date and relevant jobs.
  • We're the only job board *for* software engineers, *by* software engineers… in case you needed a reminder! We add thousands of new jobs daily and offer powerful search filters just for you. 🛠️
  • Every single hour! We add 2,000-3,000 new jobs daily, so you'll always have fresh opportunities. 🚀
  • Typically, job searches take 3-6 months. EchoJobs helps you spend more time applying and less time hunting. 🎯
  • Check daily! We're always updating with new jobs. Set up job alerts for even quicker access. 📅

What Fellow Engineers Say