Job DescriptionWHAT IS THE OPPORTUNITY? In this role you will manage the day-to-day operations and effectiveness of security-related programs and initiatives; assessing the costs associated with potential threats and solutions required to eliminate or minimize threats. You will apply extensive, in-depth knowledge, skills, and practices to perform complex
assignments. This will require reviewing of risk-related standards, policies and regulations both internally and regional. You will also be responsible for the completion of regulatory risk reporting.
WHAT WILL YOU DO? - Leading in the development, implementation and enforcement of organization-wide security risk assessment and control standards, policies and procedures.
- Monitoring and assessing business needs against security concerns and recommending necessary changes to enhance information systems security.
- Managing activities for IT risks control in business operations; ensuring that the server, network operations and applications are compliant with security procedures, systems, and policies.
- Developing training on information security risk metrics, polices, risk migration and elimination procedures for staff, coordinating with audits and suppliers on information security improvement.
- Establish and maintain strong working relationships across business units and segments. Collaborate with various groups to define and achieve deliverables, acting as a trusted advisor on risk and controls by liaising with 1 LoD, 2LOD, and 3LOD.
- Deliver risk advisory and consulting, within Investor Services Business Technology, AI and Automation programs. Support our transformation programs and businesses on Project Risk Assessment (iITRA), Findings, Audits, KRI Compliance Monitoring, Reporting and Governance, and control activities.
- Strong analytical and critical thinking, supported by solid writing skills are essential for documenting and communicating work effectively. You should be able to grasp stakeholder expectations and align your communication accordingly.
- Ability to impact, influence and negotiate with key stakeholders in building a superior solution, and ultimately a strong stakeholder experience
WHAT DO YOU NEED TO SUCCEED?Must have:- Excellent written & verbal communication skills, with the ability to convey complex technical concepts to general IT and business managers
- Degree level education plus a relevant qualification in risk & information systems control (e.g. CRISC) or cybersecurity (e.g. CISSP) or (e.g. CISA), Deep IT technical knowledge and experience covering: operating systems (e.g. Unix, Windows, zOS); database systems (e.g. Oracle, SQL Server, Sybase, DB2) and software security architectures; Knowledge of MS Suite of Apps
- Passion for technology risk management and a desire to continually develop personal and team knowledge
- Experience managing multiple projects or internal service delivery, including service level management, process design and skills development planning
- Internal or external IT audit qualification and experience; Operational Risk Management
Nice-to-have:
- Post graduate qualification in computing or cybersecurity or Information technology
- Familiarity with DevOps & Cloud concepts, processes and tooling, ORM Framework, Audit; Access and change management processes; SOX/SOC1
WHAT'S IN IT FOR YOU?- A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable
- Leaders who support your development through coaching and managing opportunities
- Ability to make a difference and lasting impact
- Work in a dynamic, collaborative, progressive, and high-performing team
- A world-class training program in financial services
- Opportunity to join a diverse and inclusive team to increase the awareness of risk initiatives within RBC
- Opportunity to expand your limits and create a new future together at RBC
#LI-POST
#TECHPJ
Job SkillsBusiness Continuity and Disaster Recovery (BCDR), Business Technology, Communication, Cyber Security Management, Firewall Management, Information Security, Information Security Auditing, Information Security Operation Center (ISOC), Information Security Risk, Information System Security, IT Network Security, Operational Delivery, Problem Management, Process Management, Project Risk Assessments, Risk Assessments, Security Risk, Security Risk Assessment, Threat Management
Additional Job DetailsAddress:RBC CENTRE, 155 WELLINGTON ST W:TORONTO
City:Toronto
Country:Canada
Work hours/week:37.5
Employment Type:Full time
Platform:TECHNOLOGY AND OPERATIONS
Job Type:Regular
Pay Type:Salaried
Posted Date:2026-06-09
Application Deadline:2026-07-04
Note: Applications will be accepted until 11:59 PM on the day prior to the application deadline date above
RBC is presently inviting candidates to apply for this existing vacancy. Applying to this posting allows you to express your interest in this current career opportunity at RBC. Qualified applicants may be contacted to review their resume in more detail.
