Manager, Cyber Security & IT Risk Management

  • Full Time
  • Toronto

0000050007 Royal Bank of Canada




Job Description

About RBCx RBCx pursues big, bold ideas and leverages RBC’s extensive experience, networks, and capital to help shape what’s next. Our four pillars – Banking, Capital, Platform, and Ventures – combine to support tech businesses of all sizes and stages, making us the go-to backer of Canadian innovation.

Our people are our most valuable assets, which is why we invest deeply in making sure RBCx isn’t just a place to work, but a place to belong. About RBCx Platform – VSS TRM Ventures Shared Services (VSS) is made up of Principle Engineering, Platform Engineering, Business Enablement, Security, and Technology Risk Management (TRM). Our vision is to empower development, create efficiencies, and alleviate pressure, time and effort that would otherwise be spent on security and risk management by being the face between the enterprise and ventures technology teams in this space.

Our mission is to empower a DevSecOps framework throughout the entire Software Development Lifecycle by being Subject Matter Experts and leading technology teams through industry best practices and enterprise frameworks in this space. What is the opportunity? VSS TRM is looking to hire a Manager, Cyber Security & IT Risk Management who has 5 key areas of responsibilities – Planning, Design, Development, Operations, and Reporting. You will be expected to contribute in all 5 areas with the core mandate of enabling RBCx Ventures to achieve its business goals while protecting RBC What will you do? Planning

  • Identify risk requirements during Agile Delivery planning.
  • Support business risk partners with the technology section of business risk assessments
  • Assist with Supplier Risk Management Assessments (SRMA) for technology suppliers.

  • Design

  • Support technology teams through security components of the Athena process (where risk findings are required)
  • Support technology teams through GCS’ Secure Design Review (where risk findings are required)

  • Development

  • Execute technology Application/Infrastructure Control assessments and assist with risk findings.
  • Assist with risk findings from Application Security Testing
  • Support technology teams through the Public Cloud Governance process for all technology risk-related items

  • Operations

  • Assist with enterprise requests (i.e. requests sent to Application Custodians)
  • Support technology teams through IIPM data quality and validation checks
  • Support technology teams through the Ventures Supplier Governance process
  • Assess key controls, processes and procedures that are in place and evaluate that they are operating effectively per policies.
  • Facilitate the creation of technology risk findings via the Issue Management process.

  • Reporting

  • Generate and manage risk reports and dashboards that provide both an aggregate and per-venture view of security postures & risks.
  • Work with organizational partners to support and enhance risk reporting based on RBC requirements.
  • Identify opportunities in process, procedure, and reporting workflow to improve efficiency through automation or templatization.
  • Create and deliver training sessions on risk processes and procedures.
  • What do you need to succeed? Must-have


  • Undergraduate degree in business, project management, risk management, or related field, or equivalent work experience
  • A minimum of 7 years of experience in information security and/or information risk management
  • Strong writing and oral communication, presentation, and storytelling skills, and the ability to determine the information and communication needed to keep stakeholders and team members well informed.
  • Demonstrated proficiency in Information Technology Risk Management processes
  • A strong understanding of Cloud Technology, DevOps, and SecOps
  • Results-oriented; able to set and consistently meet high-quality standards while handling a variety of tasks and deadlines simultaneously

  • Nice-to-have

  • Professional certification(s) related to information risk management and/or information security such as CRISC, CISSP, CISA
  • Cloud computing certification(s) such as CCSP, CCSK, AWS Certified Security – Specialty
  • Archer or equivalent GRC tools experience
  • Previous experience in the Financial or Insurance sectors
  • Experience in large, matrixed organizations.
  • Experience in fintech or startups leading digital banking, payments, and/or financial product development
  • What’s in it for you? We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper.

    We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.



  • A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable
  • Leaders who support your development through coaching and managing opportunities
  • Ability to make a difference and lasting impact
  • Work in a dynamic, collaborative, progressive, and high-performing team
  • A world-class training program in financial services
  • #LI-POST#LI-Hybrid#TECHPJ Job Skills Confidentiality, Cyber Security Management, Decision Making, Detail-Oriented, Encryption Software, Group Problem Solving, High Impact Communication, Information Security Management, Information Technology Security Additional Job Details


    Address:

    WATERPARK PLACE, 20 BAY ST:TORONTO


    City:


    TORONTO


    Country:


    Canada

    Work hours/week:



    37.5

    Employment Type:



    Full time


    Platform:

    Technology and Operations


    Job Type:


    Regular


    Pay Type:


    Salaried


    Posted Date:


    2024-06-04

    Application Deadline:



    2024-06-18

    I nclusion and Equal Opportunity Employment


    At RBC, we embrace diversity and inclusion for innovation and growth. We are committed to building inclusive teams and an equitable workplace for our employees to bring their true selves to work.

    We are taking actions to tackle issues of inequity and systemic bias to support our diverse talent, clients and communities.
    ​​​​​​​
    We also strive to provide an accessible candidate experience for our prospective employees with different abilities. Please let us know if you need any accommodations during the recruitment process.

    Join our Talent Community


    Stay in-the-know about great career opportunities at RBC.

    Sign up and get customized info on our latest jobs, career tips and Recruitment events that matter to you.



    Expand your limits and create a new future together at RBC. Find out how we use our passion and drive to enhance the well-being of our clients and communities at jobs.rbc.com.