Associate Director Cyber and Tech Risk

Job Summary

Job Description

What is the opportunity?

The Associate Director, Cyber and Technology Risk, will provide Cyber and IT Risk Management subject matter expertise in the form of oversight and challenge to the first line of defense operating teams across assigned Technology and Business groups.

This includes : providing an opinion on RBC's Technology risk posture, developing Key Risk Indicators to measure and monitor Cyber & Technology Risk and contributing to the development of enterprise policies and standards governing Technology Operations and Infrastructure Risk.

• You will support Operational Risk Management leadership within Group Risk Management in delivering various oversight and challenge processes, including : tracking and reporting on status and quality of key operational and technology risk programs;
• developing and utilizing effective risk appetite metrics that provide insights into current risk level; identifying issues with policy compliance through analysis and testing of controls;

monitoring and assessing technology; and performing thematic reviews to investigate issues and providing value add recommendations.

What will you do?

Leverage data driven insight and provide opinions and challenge on key risk indicators.

Support the completion of thematic reviews, scenario analysis, external event analysis, new change initiative assessments and development of risk profiles that can be leveraged to report to senior management, board and regulators

Provide 2nd line of defense effective oversight and challenge for T&O Operational and IT risk programs such as Risk and Control Self-Assessments, Operational Risk Event Reviews, IT Risk Assessments, Integrated Risk Profiles to validate the business is operating within Risk Appetite.

Champion risk management rather than risk avoidance, by seeking solutions.

Maintain and grow knowledge of emerging technologies, threats / vulnerabilities and risk management practices and their implications to the business platform.

Support the business by challenging that appropriate IT risk requirements are embedded into third party contracts as contractual remedies.

Maintain assigned Domain Risk Profiles to provide a strong fact based opinion on the IT Risk profile

Develop quarterly profile across all Cyber and IT Risk Categories and Scenarios.

Operate a one front door policy by ensuring effective support of business requests and follow through.

Develop and maintain key internal and external relationships in order to provide advice and oversight on standard compliance, support operational risk program adherence and effective incident reporting

What do you need to succeed?

Must-have :

Working experience in developing / supporting Information Technology, ideally in financial services or other regulated industries (insurance, healthcare, etc)

Expert knowledge of Cyber Security concepts, methodology, processes and procedures and controls.

5 years' experience in in risk identification, aggregation, analysis, and ranking

Strong metrics and performance management background including data management and analysis

Ability to gain credibility and influence in a federated environment and diverse processes and partner with groups across divisions to get visibility to key technology risks

Very strong interpersonal and communication skills; ability to communicate with and present to people in wide variety of areas and at various levels from technical specialists and business partners, to senior executives.

Nice-to-have :

Experience in a larger financial services company

Knowledge of Project Management (PMF) process / disciplines

CRISC or other Information Security Certifications

What's in it for you?

We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper.

We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.

A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable.

Leaders who support your development through coaching and managing opportunities.

Ability to make a difference and lasting impact.

Work in a dynamic, collaborative, progressive, and high-performing team.

Flexible work / life balance options.

Opportunities to do challenging work.

Opportunities to take on progressively greater accountabilities.

Opportunities to building close relationships with clients.

LI-Hybrid

LI-POST

TECHPJ

Job Skills

Business Continuity Disaster Recovery, Cyber Security Management, Firewall Management, Information Security Auditing, Information Security Operation Center (ISOC), IT Network Security, Operational Delivery, Problem Management, Process Management, Threat Management