Director of Application Security, Runtime Protection

Director of Application Security, Runtime Protection (Global Security) Provide leadership and execution in compliance to security standards and provide security protections for application security to all RBC business and application development teams. Assume ownership of features and capabilities aligned to the AppSec Roadmap to ensure effective pragmatic capabilities are seamlessly integrated and adopted across the enterprise. What Will You Do? Strategic Leadership – develop, evolve, and oversee the execution of the RBC AppSec Runtime Protection Roadmap aligned with the bank’s overall security and business objectives. Lead planning, execution, communication, and reporting of initiatives across all financial, resource, scope, and schedule aspects. Collaboration and Communication – foster an application security‑aware culture that highlights the value of integrating application development and security. Provide subject‑matter expert thought leadership on application security policy, standard, and governance models. Risk Management and Compliance – improve application and API security by identifying and partnering with stakeholders to remediate gaps in coverage for external and internal applications. Act as the trusted advisor on application security matters for executives, application development teams, cyber security, and risk management groups. Team Leadership and Development – direct a team of AppSec professionals to introduce effective and pragmatic application security technologies and processes that align with RBC’s development methodologies. Identify and address skill gaps, ensuring continuous professional development and upskilling. Innovation and Technology – stay abreast of industry‑leading trends, best practices, and technologies; determine how they align with strategy. Collaborate with stakeholders to evaluate and implement security tools and technologies that protect applications and APIs effectively. Must‑Have Qualifications 10+ years of experience in software engineering, infrastructure, or security with significant time in DevSecOps or App Security Engineering roles. 7+ years in a leadership role building or managing DevSecOps, SecOps, or SRE teams. Working knowledge of enterprise‑level languages such as Java, .NET, JavaScript, PHP, and Node.js. Deep experience with security tools: SAST, DAST, SCA, container scanning. Strong knowledge of application security technologies such as Checkmarx, Sonatype, JFrog, WebInspect, AppScan, Burp Suite, Black Duck, and Snyk. Knowledge of application security frameworks such as BSIMM, SAMM, ISO27034, BITS, and SAFECode. Excellent organizational, communication, interpersonal, and motivational skills to achieve business objectives. Nice to Have Experience deploying security tools or rolling out endpoint/security agents. Prior experience in banking, financial services, or regulated industries. Benefits A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable. Leadership support through coaching and management opportunities. Work in a dynamic, collaborative, progressive, high‑performing team. Opportunity to make a lasting impact and take on progressively greater accountabilities. Challenging work that fosters continuous growth. Additional Job Details Address: 16 YORK ST, TORONTO City: Toronto Country: Canada Work hours/week: 37.5 Employment Type: Full time Platform: TECHNOLOGY AND OPERATIONS Job Type: Regular Pay Type: Salaried Application Deadline: 2025‑12‑10 Inclusion and Equal Opportunity Employment At RBC, we believe an inclusive workplace that has diverse perspectives is core to our continued growth as one of the largest and most successful banks in the world. Maintaining a workplace where our employees feel supported to perform at their best, effectively collaborate, drive innovation, and grow professionally helps bring our Purpose to life and create value for our clients and communities. RBC strives to deliver this through policies and programs intended to foster a workplace based on respect, belonging, and opportunity for all. #J-18808-Ljbffr