Director, Cyber and IT Risk Framework Policy and Standards

Job Description

What is the opportunity?

The Director, Cyber and Technology Risk Framework and Standards will be responsible for providing leadership and direction over the bank's suite of cyber and technology policies and standards by providing challenge and oversight on their design and implementation within a well defined and communicated framework in order to mitigate risk to RBC. Responsibilities include maintaining the framework; managing a comprehensive cyber & technology governance roadmap and the supporting pipeline and schedule; providing subject matter experts with appropriate guidance to ensure that policies and standards are developed and documented in a manner that follows RBC requirements and that supports other policies and standards as required; and ensuring that changes are effectively communicated by responsible parties to allow implementation and compliance.

You will support Operational Risk Management leadership within Group Risk Management in delivering various oversight and challenge processes including: identifying issues with policy compliance through analysis and testing of controls; monitoring regulatory changes that impact cyber and technology, maintaining the Cyber and Technology Regulatory Intelligence repository and facilitating the completion of gap analysis against our policies and standards. Through trusted partnership, ensure our suite of policies and standards delivers a balanced risk/ reward profile enabling business strategies and strengthening the technology that supports the Bank.

What will you do?

• Provide primary and comprehensive advisory on RBC's security framework, policies, standards and guidelines to a complex level, and ensure their effective development.
• Contribute to the development of IT Risk governance frameworks, policies and standards by leveraging existing frameworks and approaches.
• Manage and maintain the Cyber & Technology Governance Roadmap and supporting pipeline and schedule of policy and standards development, updates, and refreshes, that ensures policies and standards are reviewed and updated in a timely manner
• Maintain the repository of assigned Frameworks, policies, standards, guidelines, glossaries, and regional addendums
• Work with the regional representatives to: coordinate the scanning for regulatory changes, maintain the
• Regulatory Intelligence repository, and facilitate the completion of gap analysis against our policies and standards
• Maintain a supportable opinion on RBC's risk and effectiveness of our policies and standards using analytics, review of IT Issues, Control effectiveness reviews, Key Risk Indicators and assessments as required
• Support the handling of questions pertaining to cyber and technology policies and standards from regulators,
• and 3rd parties
• Maintain assigned Cyber and IT Risk Governance Domain profiles to provide a strong fact based opinion on the associated IT Risk.
• Deliver presentations and updates to key business/T&O stakeholders.
• Provide timely insight to business and technology partners on risk and controls, to ensure effective responses and no surprises.

What do you need to succeed?

Must-have:

• Minimum of 8 years IT experience
• Minimum of 5 years experience in a broad range of the Information Security services (e.g. security planning & development, working with global security groups, security incidents)
• Minimum 5 years technology operational experience
• Proven experience defining and implementing Cyber and Technology policies, standards and procedures across multiple platforms, with compliance checks
• Proven experience facilitating constructive debates that generate feedback, collaboration and value added results

What's in it for you?

We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.

• A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable
• Leaders who support your development through coaching and managing opportunities
• Ability to make a difference and lasting impact
• Work in a dynamic, collaborative, progressive, and high-performing team
• A world-class training program in financial services
• Flexible work/life balance options
• Opportunities to do challenging work

Job Skills

Business Continuity and Disaster Recovery (BCDR), Cyber Security Management, Firewall Management, Information Security Auditing, Information Security Operation Center (ISOC), IT Network Security, Operational Delivery, Problem Management, Process Management, Threat Management

Additional Job Details

Address:

20 KING ST W:TORONTO

City:

Toronto

Country:

Canada

Work hours/week:

Employment Type:

Full time

Platform:

GROUP RISK MANAGEMENT

Job Type:

Regular

Pay Type:

Salaried

Posted Date:

Application Deadline:

Note: Applications will be accepted until 11:59 PM on the day prior to the application deadline date above

Inclusion and Equal Opportunity Employment

At RBC, we believe an inclusive workplace that has diverse perspectives is core to our continued growth as one of the largest and most successful banks in the world. Maintaining a workplace where our employees feel supported to perform at their best, effectively collaborate, drive innovation, and grow professionally helps to bring our Purpose to life and create value for our clients and communities. RBC strives to deliver this through policies and programs intended to foster a workplace based on respect, belonging and opportunity for all.

Join our Talent Community

Stay in-the-know about great career opportunities at RBC. Sign up and get customized info on our latest jobs, career tips and Recruitment events that matter to you.

Expand your limits and create a new future together at RBC. Find out how we use our passion and drive to enhance the well-being of our clients and communities

---