Endpoint Security Risk

**What is the opportunity?**

The Endpoint Security Risk & Compliance Lead will be responsible for risk management, audit, and regulatory compliance activities for the Endpoint Security team. They will partner closely with technical Endpoint Security teams, Security Risk teams, and auditors to help ensure compliance with relevant regulations and industry standards. The lead will also drive the development and maintenance of reporting to ensure transparency and accountability for overall compliance with business and governance activities, including the development and implementation of policies, procedures, and controls to maintain the highest level of endpoint security risk management and compliance.

**What will you do?**
- ** Stakeholder Collaboration**:Work closely with endpoint security teams, IT operations, and risk partners to understand security controls and processes and manage risks.
- ** Audit & Regulatory Engagement Leadership**:Champion audit, regulatory, and key control engagements with support from technical teams to drive accurate and meaningful responses for evaluators while also identifying areas for learning and improvement.
- ** Risk Management**:Own primary accountability for endpoint security risk management across endpoint security products. Capturing risks, tracking risks through their lifecycle, and supporting technical teams driving towards remediation.
- ** Reporting & Remediation**:Drive the development, distribution, and maintenance of meaningful reporting for key governance and compliance metrics relating to endpoint security (e.g., patching, certificate management, and password rotations.).
- ** Supplier Management Governance**:Manage regular reviews of endpoint security technology solutions relating to supplier and data risk, model risk, and exit strategies

**What do you need to succeed? Must-have**
- ** Audit and regulatory compliance expertise**: Experience with audit and regulatory engagements, including knowledge of relevant laws, regulations, and industry standards (e.g., NIST, SWIFT, PCI-DSS, GDPR), is essential for this position.
- ** Experience with reporting and metrics ownership**: The ability to develop and maintain meaningful reports and metrics to measure endpoint security governance and compliance is critical for this role.

**Nice-to-have**:

- Certifications in information security (e.g., CISSP, CCSP, CRISC, CIAM, ITIL)
- Previous work experience within the Finance or Insurance sector or other large enterprise industry
- Understanding of security technologies such as anti-virus, data monitoring and protection, cryptography, identity and access management, and vulnerability scanning technologies
- Knowledge of enterprise environments including IT ecosystems, software networks, traditional on-premise infrastructure and cloud platforms (AWS, Azure, GCP)
- Experience with agile methodologies and tools, such as Jira or Azure DevOps, for backlog management and sprint planning

**What is in it for you?**

We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success
that is mutual.
- A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable.
- Leaders who support your development through coaching and managing opportunities.
- Ability to make a difference and lasting impact.
- Work in a dynamic, collaborative, progressive, and high-performing team.
- A world-class training program in financial services.
- Opportunities to do challenging work.

LI-POST

TECH PJ

**Job Skills**

Collaborating, Compliance Activities, Confidentiality, Cyber Security Management, Decision Making, Detail-Oriented, Endpoint Security, Group Problem Solving, High Impact Communication, Information Security Management, Information Technology Security, Regulatory Compliance, Risk Management, Security Risk Management, Strategic Thinking, Vulnerability Management, Vulnerability Scanning

**Additional Job Details**

**Address**:
16 YORK ST:TORONTO

**City**:
Toronto

**Country**:
Canada

**Work hours/week**:
37.5

**Employment Type**:
Full time

**Platform**:
TECHNOLOGY AND OPERATIONS

**Job Type**:
Regular

**Pay Type**:
Salaried

**Posted Date**:
2025-09-02

**Application Deadline**:
2025-09-15

**I**nclusion** and Equal Opportunity Employment**

At RBC, we believe an inclusive workplace that has diverse perspectives is core to our continued growth as one of the largest and most successful banks in the world. Maintaining a workplace where our employees feel supported to perform at their best, effectively collaborate, drive innovation, and grow professionally helps to bring our Purpose to life and create value for our clients and communities. RBC strives to deliver this through policies a