Director, US Cyber & IT Risk

What is the Opportunity?

The Director role will report to the U.S. Head of Cyber & IT Risk in the Second Line of Defense (2LOD) for RBC Combined U.S. Operations (CUSO). This role will be responsible for the US 2LOD Cyber IT Risk Governance and Risk Reporting program. This includes activities such as, but not limited to, overseeing the 2LOD Cyber & IT Risk Operating Model, Strategy & Roadmap, periodic CUSO cybersecurity and IT risk reporting, execution of the Technology Risk Committee (TRC) and providing input and connectivity to various CUSO risk committee.

What will you do?

• Oversee the definition, communication, maintenance, and reporting for the CUSO 2LOD Cyber & IT Risk Strategy and Roadmap

• Perform periodic monitoring and maintaining the CUSO 2LOD Cyber & IT Risk Operating Model, including reviewing Roles and Responsibilities

• Maintain the US Technology Risk Committee (TRC) Charter, set agenda for, and conduct the US TRC on a periodic basis with documented agenda, meeting minutes, and action item tracking.

• Participate and contribute to risk metrics and risk appetite being developed by RBC Enterprise and ensure alignment with US risk reporting requirements.

• On-going monitoring and reporting of CUSO Key Risk Indicators (KRIs) and CUSO Risk Appetite Measures (RAMs) against risk appetite thresholds.

• Monitor and report on CUSO gaps in adherence to Enterprise IT Risk Management framework and its associated policies or standards.

• Collaborate with peer Risk functions of Third-Party Risk Management, Business Continuity Risk Management, Fraud and Payments Risk Management, and Information Risk Management

• Provide 2LOD CUSO cybersecurity and IT risk scenario input into the CUSO Operational Risk Scenario Analysis plan and support execution of risk scenario analysis.

• Monitor and report on status of CUSO 1LOD aggregate risk issues, root cause analysis, action plan and risk acceptances.

• Review and analyze risk and control data from CUSO 1LOD activities to identify risk themes, correlations, systemic issues and other risk intelligence, document, and report on results.

• Engage with risk business platform leads to create and maintain the US Technology and Cyber Risk Profile for the CUSO

• Define, maintain, and execute CUSO 2LOD cybersecurity and IT risk procedures to periodically report on CUSO risk posture to senior management and risk committee(s)

• Create, review, and communicate CUSO 2LOD aggregated risk metric and KRI reporting to senior management and risk committee(s) including CUSO Operational Risk Committee (ORC), Risk Management Committee (RMC) and Risk Committee of the U.S. Board

• Support responses to ORC, RMC, and CUSO Risk Committee of the Board inquiries and requests.

• Using enterprise risk tooling and metric definitions, produce reports on CUSO 2LOD cybersecurity and IT risk metrics, KRIs and RAMs.

• Escalate CUSO cybersecurity and IT risks and incidents to the appropriate risk committee(s) following the enterprise policies, standards, and guidelines.

• Enhance CUSO risk reporting process and procedures to align with enterprise strategic risk governance changes.

• Support ongoing enhancements to risk monitoring and reporting processes as new Key Risk Indicators (KRIs) are available.

What do you need to succeed?

• Minimum 10 years of experience in in IT and cybersecurity risk management, compliance, audit, or related roles, preferably in a large, global financial services company.

• Minimum 10 years of financial services industry experience, of which 5 years must include direct experience in IT Risk Management.

• Proven leadership and program management skills to drive alignment across key business functions.

• Deep understanding of risk framework, corporate/business policies, and programs to translate into plans for the business, function and/or risk type.

• Knowledge and understanding of regulatory and IT risk management Policies/Standards and best practices in the financial services industry.

• Proven experience in senior management or executive reporting with a strong emphasis on effective communication and presentation skills.

• Strong interpersonal, influencing, and communications skills with an ability to interact effectively with stakeholders and regulators, and the ability to effectively manage and build relationships across RBC.

• Proven leadership and project management skills to drive alignment across stakeholder groups to develop and deliver repeatable end-to-end risk management solutions and controls aligned with group's processes.

• Proficiency in risk management tools, data analytics software such as Tableau, Microsoft Excel, and PowerPoint.

• Strong problem-solving abilities and a strategic mindset.

• Excellent people skills and relationship management skills with the ability to present information effectively, able to inspire trust and engage stakeholders at all levels.

• Excellent analytical, communication, and presentation skills, with the ability to convey complex concepts to diverse audiences.

What's in it for you?

We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.

• A comprehensive Total Rewards Program include competitive compensation and flexible benefits, such as 401(k) program with company-matching contributions, health, dental, vision, life, disability insurance, and paid-time off.

• Leaders who support your development through coaching and managing opportunities.

• Ability to make a difference and lasting impact.

• Work in a dynamic, collaborative, progressive, and high-performing team.

• Opportunities to do challenging work.

• Opportunities to build close relationships with clients.

The expected salary range for this particular position is $160,000-$250,000 (New Jersey), $130,000-$210,000 (Minnesota) depending on your experience, skills, and registration status, market conditions and business needs.

You have the potential to earn more through RBC's discretionary variable compensation program which gives you an opportunity to increase your total compensation, provided the business meets its performance targets and you meet your individual goals.

RBC's compensation philosophy and principles recognize the importance of a highly qualified global workforce and plays a critical role in attracting, engaging and retaining talent that:

• Drives RBC's high-performance culture

• Enables collective achievement of our strategic goals

• Generates sustainable shareholder returns and above market shareholder value

#LI - Hybrid

#LI - POST

Job Skills

Additional Job Details

Note: Applications will be accepted until 11:59 PM on the day prior to the application deadline date above

Inclusion and Equal Opportunity Employment

At RBC, we believe an inclusive workplace that has diverse perspectives is core to our continued growth as one of the largest and most successful banks in the world. Maintaining a workplace where our employees feel supported to perform at their best, effectively collaborate, drive innovation, and grow professionally helps to bring our Purpose to life and create value for our clients and communities. RBC strives to deliver this through policies and programs intended to foster a workplace based on respect, belonging and opportunity for all.