Director of Application Security, Runtime Protection

Job Description Director of Application Security (AppSec) Runtime Protection will provide leadership and execution in the area of compliance to security standards & provide security protections for application security to all RBC business and application development teams. The successful candidate will assume the ownership and accountability of the features & capabilities aligned to the AppSec Roadmap to ensure effective pragmatic capabilities are seamlessly integrated and adopted across the enterprise. What is the opportunity? The Director of Application Security (AppSec) Runtime Protection will provide leadership and execution in the area of compliance to security standards & provide security protections for application security to all RBC business and application development teams. The successful candidate will assume the ownership and accountability of the features & capabilities aligned to the AppSec Roadmap to ensure effective pragmatic capabilities are seamlessly integrated and adopted across the enterprise. What will you do? Strategic Leadership – Develop, evolve and oversee the execution of the RBC AppSec Runtime Protection Roadmap aligned with the bank's overall security and business objectives. Lead the planning, execution, communication and reporting of AppSec Runtime Protection initiatives in all financial, resource, scope and schedule aspects. Collaboration and Communication – Foster an application security‑aware culture that highlights the value propositions of application development and application security integration and partnership. Provide subject matter expert thought leadership and direction on application security policy, standard and governance models. Risk Management and Compliance – Improve Application and API Security by identifying & partnering with stakeholders to remediate gaps in security coverage for external/internal applications. Act as the trusted advisor on application security matters for executives, application development teams, cyber security and risk management groups. Team Leadership and Development – Direct a team of AppSec professionals to introduce effective and pragmatic application security technologies and processes that align with RBC’s application development methodologies. Identify and address skill gaps within the team, ensuring continuous professional development and upskilling. Innovation and Technology – Stay abreast of industry‑leading trends, best practices, technologies; and determine how they align with the strategy. Collaborate with stakeholders in the evaluate and implementation of security tools and technologies to protect applications and APIs effectively. What do you need to succeed? Must‑have: 10+ years of experience in software engineering, infrastructure, or security; with significant time spent in DevSecOps, App Security Engineering roles 7+ years experience in a leadership role building or managing DevSecOps/ SecOps/ SRE teams Working knowledge of enterprise level languages, e.g. Java, .NET, Javascript, PHP, node.JS Deep experience with security tools: SAST, DAST, SCA, container scanning Strong working knowledge of application security technologies such as Checkmarx, Sonatype, JFrog, WebInspect, AppScan, BurpSuite, Blackduck, Snyk Knowledge of application security frameworks, such as BSIMM, SAMM, ISO27034, BITS, SAFECode Excellent organizational, communication, interpersonal, motivational skills in achieving business objectives Nice to have: Previous experience deploying security tools, or rolling out endpoint/ security agents Prior experience in banking or financial services/ regulated industries What’s in it for you? We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual. A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable Leaders who support your development through coaching and managing opportunities Work in a dynamic, collaborative, progressive, and high‑performing team Ability to make a difference and lasting impact Opportunities to do challenging work Opportunities to take on progressively greater accountabilities Job Skills Adapt Quickly Always Learn Application Programming Interface (API) Security Application Security Application Security Architecture Communication Cross-Team Collaboration Cyber Security Management Decision Making Drive to Impact Dynamic Application Security Testing (DAST) Information Security Management Information Technology Security Infrastructure Penetration Testing IT Security Architecture IT Systems Integration Open Web Application Security Project (OWASP) Security Information and Event Management (SIEM) Web Application Security Assessment Additional Job Details Address: 16 YORK ST: TORONTO City: Toronto Country: Canada Work hours/week: 37.5 Employment Type: Full time Platform: TECHNOLOGY AND OPERATIONS Job Type: Regular Pay Type: Salaried Posted Date: 2025-11-21 Application Deadline: 2025-12-10 Note: Applications will be accepted until 11:59 PM on the day prior to the application deadline date above Inclusion and Equal Opportunity Employment At RBC, we believe an inclusive workplace that has diverse perspectives is core to our continued growth as one of the largest and most successful banks in the world. Maintaining a workplace where our employees feel supported to perform at their best, effectively collaborate, drive innovation, and grow professionally helps to bring our Purpose to life and create value for our clients and communities. RBC strives to deliver this through policies and programs intended to foster a workplace based on respect, belonging and opportunity for all. Join our Talent Community Stay in‑the‑know about great career opportunities at RBC. Sign up and get customized info on our latest jobs, career tips and Recruitment events that matter to you. Expand your limits and create a new future together at RBC. Find out how we use our passion and drive to enhance the well‑being of our clients and communities at jobs.rbc.com. #J-18808-Ljbffr