Associate Director, Cyber and Technology Risk Management

Job DescriptionWhat is the Opportunity? The Associate Director, Cyber and Technology Risk Management Practice plays a key role in ensuring Cyber and Technology Risk support services are proactively developed, operated and evolved to help risk manage this Top Risk risk domain. The position provides broad exposure to operational risk programs, cyber and technology controls and related risk management while working within a strong global team. As the Technology Risk team is part of Enterprise Resilience Risk (ERR), you will get exposure to four other risk domains: Third Party, Business Continuity, Fraud and Physical Risk.You will support Cyber and Technology Risk Management leadership within Group Risk Management in facilitating the delivery of various oversight and challenge processes including: tracking and reporting on status and quality of key Operational Risk programs; identifying issues with policy/standards compliance through analysis and testing of controls; enhancing Cyber and Technology Risk Management practices to align with evolving industry standards and regulatory expectations; monitoring cyber and technology incidents; and continually working with the first line and regulators to ensure reporting of incidents is timely, seamless and accurate. What will you do? Manage and maintain ERR owned controls to ensure they are effective, up-to-date, and fully aligned with IT policy standard requirements and organizational objectives.Oversee Technology & Cyber Governance and Technology & Cyber Risk Management domain to align with industry standards, regulatory requirements, and organizational objectives.Define, implement, and monitor IT risk metrics for Technology & Cyber Governance and Technology & Cyber Risk Management domain, including Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs), to measure and report on IT risk performance.Lead the design, implementation and maintenance of target operating models to enhance Cyber and Technology risk management processes and practices.Oversee the identification, aggregation, and reporting of Cyber and Technology risks across the organization, ensuring a comprehensive view of the risk landscape.Monitor emerging IT risks management trends and address them by proactively developing Cyber IT strategies and roadmap.Provide expert support to regulatory exams, requests, and remediation projects, ensuring compliance with applicable regulations and standards.Track and report on the remediation of Cyber and Technology owned Regulatory, Audit and Self-Declared issues.Ensure that the process to monitor Cyber and Technology incidents and report to regulators is documented and reporting is timely, accurate and complete, meeting all compliance requirements.Support the Enterprise IT Issues and IT Findings assignment and reporting processes, ensuring that issues are tracked, escalated, and resolved effectively.Lead the development and ongoing maintenance of Cyber and Technology Risk procedures with Risk Leads to ensure consistent and effective Cyber and Technology risk management practices across the organization.Prepare and deliver comprehensive reports and presentations on Cyber and Technology risk management activities to stakeholders, including senior leadership and regulatory bodies.Develop and maintain key internal and external relationships to provide advice and oversight on standard compliance, support operational risk program adherence and effective incident reporting.What do you need to succeed? Must-have: University degree in Computer Science, Information Technology, or a related field.7 years in the financial services or other regulated industries.5 years’ experience in development of IT Risk Frameworks and Enterprise IT Issue Management.Experience in IT Risk Management including risk identification and assessment, monitoring, treatment, analysis, aggregation and reportingHands-on experience with regulatory exams, regulatory requests, and remediation projects.Proven experience with GRC or IT Risk Management tools such as Archer, ServiceNow, Riskonnect, PowerBI, Tableau and JIRA.Strong analytical and problem-solving skills, with the ability to assess complex IT risks and develop effective mitigation strategies.Experience in developing and implementing IT procedures to ensure consistent governance and compliance.Strong knowledge and experience in defining, implementing, and monitoring IT risk metrics. Nice-to-have:Professional certifications such as CISA, CRISC, CISSP, or equivalent are highly desirable.Familiarity with industry standards and frameworks such as NIST, ISO 27001, COBIT, or ITIL.Strong understanding of cyber and technology risk trends and best practices.Ability to work in a fast-paced environment and manage multiple priorities effectively.What’s in it for you?We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensationAbility to make a difference and lasting impactWork in a dynamic, collaborative, progressive, and high-performing teamOpportunities to take on progressively greater accountabilityJob SkillsCritical Thinking, Cyber Security Management, Decision Making, Detail-Oriented, Information Security Management, Information Technology Security, Interpersonal Relationship Management, IT Security Architecture, Performance Management (PM)Additional Job DetailsAddress:20 KING ST W:TORONTOCity:TorontoCountry:CanadaWork hours/week:37.5Employment Type:Full timePlatform:GROUP RISK MANAGEMENTJob Type:RegularPay Type:SalariedPosted Date:2026-01-29Application Deadline:2026-02-12Note: Applications will be accepted until 11:59 PM on the day prior to the application deadline date aboveInclusion and Equal Opportunity EmploymentAt RBC, we believe an inclusive workplace that has diverse perspectives is core to our continued growth as one of the largest and most successful banks in the world. Maintaining a workplace where our employees feel supported to perform at their best, effectively collaborate, drive innovation, and grow professionally helps to bring our Purpose to life and create value for our clients and communities. RBC strives to deliver this through policies and programs intended to foster a workplace based on respect, belonging and opportunity for all.Join our Talent CommunityStay in-the-know about great career opportunities at RBC. Sign up and get customized info on our latest jobs, career tips and Recruitment events that matter to you.Expand your limits and create a new future together at RBC. Find out how we use our passion and drive to enhance the well-being of our clients and communities at jobs.rbc.com.RBC is presently inviting candidates to apply for this existing vacancy. Applying to this posting allows you to express your interest in this current career opportunity at RBC. Qualified applicants may be contacted to review their resume in more detail.