Come Work with Us!
At RBC, our culture is deeply supportive and rich in opportunity and reward. You will help our clients thrive and our communities prosper, empowered by a spirit of shared purpose.
Whether you’re helping clients find new opportunities, developing new technology, or providing expert advice to internal partners, you will be doing work that matters in the world, in an environment built on teamwork, service, responsibility, diversity, and integrity.
Lead Cyber Controls Assurance
WHAT IS THE OPPORTUNITY?
To provide IT Risk expertise within RBC. To use this expertise in Internal assessment and external representation with the objective of optimum confidentiality, integrity and availability of all RBC Information assets.
This position will provide deep technical leadership, knowledge sharing and process development in the area of IT Security risk assessment services supporting the global RBC business and Technology team with an expected outcome of a stronger risk posture for RBC. This job adds value by providing deep Information Security Assessment related technical insight for components of the assessment process for low, medium and high risk engagements by providing day to day technical knowledge and expertise.
This role will also be responsible for managing and overseeing the Information Security assessment process in support of the Enterprise wide Information Security program to ensure compliance with Information Security policies, standards, regulations and industry standards
WHAT WILL YOU DO?
Information Security Assessment leadership and Execution.
Provide deep technical assessment services to Project teams and their Business units to assist in their design in order to identify potential IT risks.
Review intricate issues and recommend the appropriate controls to mitigate/address these risks
Participation and provide expert guidance in the IT Risk project/ process enhancement initiatives.
Participation in highly technical complex Security Reviews, Walkthroughs, Assessments, and other Risk Assessments
Preparation in more difficult technical Security Risk Assessments
Act as a point of escalation on all Security Assessments and provides senior management with timely updates on issues.
Assesses/ researches and analyzes business and I.S needs, exploring alternative options to recommend the best solution based on the requirements needs and challenges.
Interfaces and builds key relationships with the Business, Security Architects, Lead Architects, Risk reviewers and IT Risk COG to ensure assessment and project objectives are met.
Lead and perform assessment on complex, critical and time sensitive projects with minimum supervision
Leads complex group meetings (including business partners) for decision making, problem solving, implementation and strategic planning.
Prepares and delivers presentations to business and technology partners and senior management on specific programs/projects and in support of the team’s objectives.
Provide IT Risk with policy interpretation and advice on the development of standards and procedures, guidelines that align with policy in order to ensure Key Risk Indicators (KRI’s) and Key Performance Indicators (KPI’s) are met.
Advise and assist in IT Risk mitigation planning activities
Provide ad hoc assessment services to high priority/ high complex initiatives.
Mentor and develop more junior Security assessors in the most highly technical and complex engagements managed by the team.
Contribution to Strategy and Best Practices Definition
Conducts ongoing measurement and evaluation of the effectiveness of the Security Assessment capabilities implemented
Provides recommendations to Snr Management for strategy development to significantly improve ineffective practices.
Leverages practical experience and industry best practice to identify areas for improvement in the established process.
Collaborate with Business Aligned IT Risk Directors to provide subject matter expertise to determine appropriate controls and to advise the business on the implementation of controls taking into consideration specific business platform and regional complexities and issues. These platforms, regional complexities and issues would be considered the most complex and would require more in depth technical understanding of our managed technologies.
Provide advice and counsel to senior management and executives to enhance their ability to anticipate, identify, manage, and remediate IT risk effectively.
Provides recommendations to the Director / Senior Director/Snr Managers for process and strategy development.
WHAT DO YOU NEED TO SUCCEED?
Minimum of 3 years of experience in the Information Security field
Required 3+ years financial services or comparable multi-industry consulting experience
Required 8-10 years in Information Security.
Professional with experience on security consulting, designing and delivering large projects/programs
Advanced expertise in evaluating candidate technologies and platforms and executing on Information Security strategy.
Experience in formulating optimal ways to improve services/products, taking into account a medium term perspective.
Advanced experience in solving medium complexity business challenges for business partners leveraging existing or emerging technologies
Successful at communicating equally effectively across diverse audiences and organizational levels
Bachelor’s Degree in Management Information Systems, Information Security, Computing and Information Systems or equivalent experience
Relevant certifications required CISA, CISSP, and CRISC
Expert knowledge of RBCFG Security Policies and Standards
Expert knowledge of Information Security practices
Has knowledge of ISO 27002, NIST 800 series, COBIT control framework
Proficient knowledge of compliance, audit and privacy policies and regulations
General knowledge of security technology & associated domains
Access control products
General knowledge of RBC Technology Security Standards & Practices
People Management Knowledge
RBC HR philosophy, principles, direction, policies & guidelines
Talent management process (recruitment/selection, performance management, performance development/coaching, reward/ recognition)
Conflicts and issues resolution and escalation
Strong communication skills
Team work and Co-operation
Listening, Understanding and Responding
What’s in it for you?
We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.
A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable
Leaders who support your development through coaching and managing opportunities
Ability to make a difference and lasting impact
Work in a dynamic, collaborative, progressive, and high-performing team
A world-class training program in financial services
Flexible work/life balance options
Opportunities to do challenging work.
TORONTO, Ontario, Canada
Technology and Operations
Inclusion and Equal Opportunity Employment
At RBC, we embrace diversity and inclusion for innovation and growth. We are committed to building inclusive teams and an equitable workplace for our employees to bring their true selves to work. We are taking actions to tackle issues of inequity and systemic bias to support our diverse talent, clients and communities.
We also strive to provide an accessible candidate experience for our prospective employees with different abilities. Please let us know if you need any accommodations during the recruitment process.
Join our Talent Community
Stay in-the-know about great career opportunities at RBC. Sign up and get customized info on our latest jobs, career tips and Recruitment events that matter to you.
Expand your limits and create a new future together at RBC. Find out how we use our passion and drive to enhance the well-being of our clients and communities at rbc.com/careers.