Director, Cyber and Technology Risk, Functions

Job Summary

Manages the day-to-day operations and effectiveness of security-related programs and initiatives; assesses the costs associated with potential threats and solutions required to eliminate or minimize threats. Manages activities through senior managers and managers and implements corporate and divisional strategic plans and budgets.

Job Description

What is the opportunity?

The Director, Cyber and Technology Risk, Functions will be responsible for providing Cyber and IT Risk Management subject matter expertise in the form of oversight and challenge to the first line of defense operating teams across the Functions areas including GRM, CAO, CAE, CFO, CHRO, and CLAO and the related Technology groups globally. This includes: providing an opinion on RBC’s Technology risk posture, developing Key Risk Indicators to measure and monitor Cyber & Technology Risk and contributing to the development of enterprise policies and standards governing Technology Operations and Infrastructure Risk.

You will support Operational Risk Management leadership within Group Risk Management in delivering various oversight and challenge processes related to Functions, including: tracking and reporting on status and quality of key Technology Risk programs; developing and utilizing effective risk appetite metrics that provide insights into current risk level; identifying issues with policy compliance through analysis and testing of controls; monitoring and assessing technology; and performing thematic reviews to investigate issues and providing value add recommendations.

What will you do?

• Develop and maintain an informed and balanced IT Risk profile for assigned areas that demonstrably supports risk opinions.
• Leverage data driven insight and provide opinions and challenge on key risk indicators.
• Support the completion of thematic reviews, scenario analysis, external event analysis, new change initiative assessments and development of risk profiles that can be leveraged to report to senior management, board and regulators.
• Provide 2nd line of defence effective oversight and challenge for T&O Operational and IT risk programs such as Risk and Control Self-Assessments, Operational Risk Event Reviews, IT Risk Assessments to validate the business is operating within Risk Appetite.
• Champion managing risk rather than risk avoidance, by seeking solutions.
• Maintain knowledge of emerging technologies, threats/vulnerabilities and risk management practices and its implications to the business platform.
• Support the business by challenging appropriate IT risk requirements are embedded into third party contracts as contractual remedies.
• Maintain assigned Domain Risk Profiles to provide a strong fact based opinion on the IT Risk profile.
• Develop quarterly profile across all Cyber and IT Risk Categories and Scenarios.
• Operate a one front door policy by ensuring effective support of business requests and follow through.
• Develop and maintain key internal and external relationships in order to provide advice and oversight on standard compliance, support operational risk program adherence and effective incident reporting.

What do you need to succeed?

Must-have:

• 8 years working experience in developing/supporting Information Technology.
• Expert knowledge of Cyber Security concepts, methodology, processes and procedures and controls.
• 5 years in the financial services or other regulated industries.
• 5 years’ experience in risk identification, aggregation, analysis, and ranking.
• Strong metrics and performance management background including data management and analysis.
• Ability to gain credibility and influence in a federated environment and diverse processes and partner with groups across divisions to get visibility to key technology risks.
• Very strong interpersonal and communication skills; ability to communicate with and present to people in wide variety of areas and at various levels from technical specialists and business partners, to senior executives.

Nice-to-have:

• 5 years managing employees, either directly or indirectly through risk management engagements.
• 5 years in a larger financial services company.
• 5 years retail banking experience.
• Knowledge of Project Management (PMF) process/disciplines.
• CRISC or other Information Security Certification.
• Post-secondary degree in Computer Science, Engineering, Information Systems or a related field of study.

What’s in it for you?
We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.

• A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable.

• Leaders who support your development through coaching and managing opportunities.

• Ability to make a difference and lasting impact.

• Work in a dynamic, collaborative, progressive, and high-performing team.

Job Skills

Business Continuity and Disaster Recovery (BCDR), Cyber Security Management, Firewall Management, Information Security Auditing, Information Security Operation Center (ISOC), IT Network Security, Operational Delivery, Problem Management, Process Management, Threat Management.

Additional Job Details

Address: 20 KING ST W:TORONTO

City: TORONTO

Country: Canada

Work hours/week: 37.5

Employment Type: Full time

Platform: GROUP RISK MANAGEMENT

Job Type: Regular

Pay Type: Salaried

Posted Date: 2025-03-31

Application Deadline: 2025-04-12

Note: Applications will be accepted until 11:59 PM on the day prior to the application deadline date above.

Inclusion and Equal Opportunity Employment

At RBC, we believe an inclusive workplace that has diverse perspectives is core to our continued growth as one of the largest and most successful banks in the world. Maintaining a workplace where our employees feel supported to perform at their best, effectively collaborate, drive innovation, and grow professionally helps to bring our Purpose to life and create value for our clients and communities. RBC strives to deliver this through policies and programs intended to foster a workplace based on respect, belonging and opportunity for all.

Join our Talent Community

Stay in-the-know about great career opportunities at RBC. Sign up and get customized info on our latest jobs, career tips and Recruitment events that matter to you.

Expand your limits and create a new future together at RBC. Find out how we use our passion and drive to enhance the well-being of our clients and communities at jobs.rbc.com.