Search jobs > Toronto, ON > It security manager

Manager, Cyber Security & IT Risk Management

0000050007 Royal Bank of Canada
TORONTO, Ontario, Canada
$88.5K-$110.6K a year (estimated)
Full-time

Job Description

About RBCx RBCx pursues big, bold ideas and leverages RBC’s extensive experience, networks, and capital to help shape what’s next.

Our four pillars Banking, Capital, Platform, and Ventures combine to support tech businesses of all sizes and stages, making us the go-to backer of Canadian innovation.

Our people are our most valuable assets, which is why we invest deeply in making sure RBCx isn’t just a place to work, but a place to belong.

About RBCx Platform - VSS TRM Ventures Shared Services (VSS) is made up of Principle Engineering, Platform Engineering, Business Enablement, Security, and Technology Risk Management (TRM).

Our vision is to empower development, create efficiencies, and alleviate pressure, time and effort that would otherwise be spent on security and risk management by being the face between the enterprise and ventures technology teams in this space.

Our mission is to empower a DevSecOps framework throughout the entire Software Development Lifecycle by being Subject Matter Experts and leading technology teams through industry best practices and enterprise frameworks in this space.

What is the opportunity? VSS TRM is looking to hire a Manager, Cyber Security & IT Risk Management who has 5 key areas of responsibilities - Planning, Design, Development, Operations, and Reporting.

You will be expected to contribute in all 5 areas with the core mandate of enabling RBCx Ventures to achieve its business goals while protecting RBC What will you do? Planning

  • Identify risk requirements during Agile Delivery planning.
  • Support business risk partners with the technology section of business risk assessments
  • Assist with Supplier Risk Management Assessments (SRMA) for technology suppliers.

Design

  • Support technology teams through security components of the Athena process (where risk findings are required)
  • Support technology teams through GCS’ Secure Design Review (where risk findings are required)

Development

  • Execute technology Application / Infrastructure Control assessments and assist with risk findings.
  • Assist with risk findings from Application Security Testing
  • Support technology teams through the Public Cloud Governance process for all technology risk-related items

Operations

  • Assist with enterprise requests (i.e. requests sent to Application Custodians)
  • Support technology teams through IIPM data quality and validation checks
  • Support technology teams through the Ventures Supplier Governance process
  • Assess key controls, processes and procedures that are in place and evaluate that they are operating effectively per policies.
  • Facilitate the creation of technology risk findings via the Issue Management process.

Reporting

  • Generate and manage risk reports and dashboards that provide both an aggregate and per-venture view of security postures & risks.
  • Work with organizational partners to support and enhance risk reporting based on RBC requirements.
  • Identify opportunities in process, procedure, and reporting workflow to improve efficiency through automation or templatization.
  • Create and deliver training sessions on risk processes and procedures.

What do you need to succeed? Must-have

  • Undergraduate degree in business, project management, risk management, or related field, or equivalent work experience
  • A minimum of 7 years of experience in information security and / or information risk management
  • Strong writing and oral communication, presentation, and storytelling skills, and the ability to determine the information and communication needed to keep stakeholders and team members well informed.
  • Demonstrated proficiency in Information Technology Risk Management processes
  • A strong understanding of Cloud Technology, DevOps, and SecOps
  • Results-oriented; able to set and consistently meet high-quality standards while handling a variety of tasks and deadlines simultaneously

Nice-to-have

  • Professional certification(s) related to information risk management and / or information security such as CRISC, CISSP, CISA
  • Cloud computing certification(s) such as CCSP, CCSK, AWS Certified Security - Specialty
  • Archer or equivalent GRC tools experience
  • Previous experience in the Financial or Insurance sectors
  • Experience in large, matrixed organizations.
  • Experience in fintech or startups leading digital banking, payments, and / or financial product development

What’s in it for you? We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper.

We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.

  • A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable
  • Leaders who support your development through coaching and managing opportunities
  • Ability to make a difference and lasting impact
  • Work in a dynamic, collaborative, progressive, and high-performing team
  • A world-class training program in financial services

LI-POST#LI-Hybrid#TECHPJ Job Skills Confidentiality, Cyber Security Management, Decision Making, Detail-Oriented, Encryption Software, Group Problem Solving, High Impact Communication, Information Security Management, Information Technology Security Additional Job Details

Address :

WATERPARK PLACE, 20 BAY ST : TORONTO

City : TORONTO

TORONTO

Country : Canada

Canada

Work hours / week : 37.5

37.5

Employment Type : Full time

Full time

Platform :

Technology and Operations

Job Type : Regular

Regular

Pay Type : Salaried

Salaried

Posted Date : 2024-06-04

2024-06-04

Application Deadline :

2024-06-18

I nclusion and Equal Opportunity Employment

At RBC, we embrace diversity and inclusion for innovation and growth. We are committed to building inclusive teams and an equitable workplace for our employees to bring their true selves to work.

We are taking actions to tackle issues of inequity and systemic bias to support our diverse talent, clients and communities.

We also strive to provide an accessible candidate experience for our prospective employees with different abilities. Please let us know if you need any accommodations during the recruitment process.

Join our Talent Community

Stay in-the-know about great career opportunities at RBC. Sign up and get customized info on our latest jobs, career tips and Recruitment events that matter to you.

Expand your limits and create a new future together at RBC. Find out how we use our passion and drive to enhance the well-being of our clients and communities at jobs.rbc.com.

30+ days ago
Related jobs
CPP Investments
Toronto, Ontario

Advanced knowledge in IT, risk management, business resiliency, network management/architecture, vendor risk management, vulnerability management, information security, and data protection/management;. This role will support the cultivation of the best view of Cyber and Technology risks across the f...

Intact Financial Corporation
Mississauga, Ontario

The Manager, IT Incident Management is responsible for overseeing the IT security infrastructure, managing incident response, and conducting security investigations. General to advanced knowledge in the following areas: computer networks, operational security platforms, information security principl...

Deloitte
Toronto, Ontario

Deloitte's globally recognized Cyber Security practice advises organizations across many industries on how to effectively manage threats, reduce vulnerability, mitigate cyber risks and make informed decisions as they elevate their security programs to address an evolving and increasingly complex thr...

BFL Canada
Toronto, Ontario

The role is aimed to address risks in cybersecurity and IT governance and operations and provide an effective framework for identifying, assessing, monitoring, and managing cybersecurity and IT risks, including, and not limited to third party IT risks and user cyber training and awareness risks. Mon...

Scotiabank
Toronto, Ontario

Given a diverse range of risks in the portfolio and regular interaction with a variety of internal contacts, the Senior Manager benefits from an environment which fosters continuous learning and development and, from an opportunity to make a positive contribution to the Bank as a credit expert. The ...

Restaurant Brands International Inc
Toronto, Ontario

Through its Restaurant Brands for Good framework, RBI is improving sustainable outcomes related to its food, the planet, and people and communities. The Manager, Risk Management reports to the Sr. Director, Treasury and has responsibility over the reporting and management of RBI’s corporate insuranc...

Scotiabank
Toronto, Ontario

Familiarity with Business Banking credit and limit monitoring systems will be an asset. Establish working relationships with business stakeholders (Banking and Credit), Technology partners and other functions (Enterprise Reporting, Finance, Audit, Data Governance, Compliance). Collaborate with Techn...

Deloitte
Toronto, Ontario

Deloitte's Cyber Security practice advises organizations across many industries on how to effectively reduce vulnerability, mitigate cyber risks and make informed decisions as they elevate their security postures to address an evolving and increasingly complex threat environment. Reporting to senior...

Restaurant Brands International Inc
Toronto, Ontario

Through its Restaurant Brands for Good framework, RBI is improving sustainable outcomes related to its food, the planet, and people and communities. This role is an enablement support function responsible for ensuring that governance programs for GBS for internal audit, reconciliation reviews are ma...

Green Shield Canada
Toronto, Ontario

Prepare monthly/quarterly risk reporting on operational risk appetite metrics, key risk indicators, and operational risk dashboards, and other operational risk reporting for presentation to senior leadership, and board committees. Assist the business with the identification of key operational risks ...