Senior Manager, IT Risk

The Senior Manager, IT Risk Management role is a key strategic and integral role for the overall success of IT Control Management within Tech Infrastructure. This dynamic position provides opportunities for working across the organization to deliver complex enterprise-wide initiatives as part of RBC's ongoing plan to improve IT Risk Management and governance. The role will plan, coordinate, communicate, and execute activities to ensure that the team's objectives are consistently accomplished.

What will you do?

• Leading teams to perform control testing that evaluate the design and operating effectiveness of IT key controls. This is a hands-on role where you are required to lead, guide, and coach your team on various aspects of control testing, IT risk management, and risk reporting.
• Take ownership and be accountable for your team's deliverables to meet the milestones and timelines. Identify and escalate potential issues and risks as applicable. Plan and assign work to your team members. Prepare and present your team's progress and status reports. Plan resource capacity and prepare work pipeline.
• Managing multiple priorities in a fast-paced environment. Identify, de-escalate, and manage actual or perceived conflict, if any, among your team or with the stakeholders. Assess complex scenarios and use your subject matter expertise and professional judgement to make decisions with proper rationale and documentation. Support your team member during complex or tough discussions with stakeholders to achieve the desired outcome.
• Executing control testing to evaluate the design and operating effectiveness of IT controls. Documenting test work adhering to the quality standards, procedure, and industry best practices. Analyzing, aggregating, and articulating the results/issues/recommendations related to control testing activities.
• Participate in all phases of the internal control monitoring process including planning, testing, evaluating risk, identifying mitigating controls, developing conclusions, compiling reports, and maintaining work papers.
• Coordinate with stakeholders to log and manage control deficiencies. Assess remediation plans and corrective actions to ensure that they are designed to reduce risk. Verify that control deficiencies are remediated according to the remediation plans.
• Establish strong working relationships with the stakeholders across business units and teams to build trust and act as a trusted advisor. Provide subject matter expertise to advise the stakeholders on control documentation and testing in compliance with policies and standards.
• Maintaining thorough understanding of organization's governing policies and standards, IT control testing methodologies, and related regulatory and compliance standards
• Keeping abreast of external cyber security trends, technologies and cyber risk management approaches, control hygiene of the environment, and often collaborate with other teams on IT risk-related initiatives to provide subject-matter recommendations and guidance to achieve a risk posture within the organization's overall risk appetite.

What do you need to succeed?

Must Have:

• Bachelor's degree in engineering, computer science or related fields.
• Industry recognized qualifications and certifications in Information Security and/or Risk Management (CISA/CISSP /CRISC/CCSP)
• 5+ years of technology domain experience in information technology, risk management or risk assurance in the financial services industry.
• Knowledge of IT Risk frameworks, methodologies and industry standards related to IT and Cyber Risk management, including emerging trends and issues.
• Demonstrated expertise in a broad range of Information Security and Risk Management principles and practices.
• Knowledge of financial services regulatory bodies, including FINRA, SEC, FRB and OCC, etc.
• Deadline-driven and results-oriented; able to meet consistently high-quality standards while handling a variety of tasks and deadlines simultaneously.

Nice To Have:

• Risk and Control management knowledge and industry experience across Information Technology (IT) domains.
• Working experience in cybersecurity and/or IT risk management spaces
• IT risk consulting and/or audit experience
• Self-discipline and organized with proven time management skills.

What's in it for you?

We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.

• A progressive career path in technology risk management and cyber security risk management.
• A comprehensive Total Rewards Program including bonuses and flexible benefits, and competitive compensation.
• Leaders who support your development through coaching and managing opportunities
• Ability to make a difference and lasting impact.
• Work in a dynamic, collaborative, progressive, and high performing team.
• A world-class training program in financial services

#LI-HYBRID
#LI-POST

Job Skills

Business Continuity and Disaster Recovery (BCDR), Cyber Security Management, Firewall Management, Information Security Auditing, Information Security Operation Center (ISOC), IT Network Security, Operational Delivery, Problem Management, Process Management, Threat Management

Additional Job Details

330 FRONT ST W:TORONTOTORONTOCanada37.5Full timeTECHNOLOGY AND OPERATIONSRegularSalaried2024-12-132025-01-31

Note: Applications will be accepted until 11:59 PM on the day prior to the application deadline date above