Senior IT Risk Analyst (Global Security)
Top Benefits
About the role
Job Description RBC Global IT Risk (GITR) team enables the protection of RBC's brand, systems, and operations by equipping business and technology partners with meaningful insights, advice, and information on RBC IT & cyber risks. The Senior Cyber Security and IT Risk Management Analyst will perform risk-based testing activities that independently evaluate the design and effectiveness of IT controls and further assist with the enhancement and execution of the IT Control Testing and Monitoring. This role will primarily support the identification and mitigation of IT and regulatory risks and operational issues and will also assist in the maintenance of operational and IT control procedures. This is an advanced senior professional with wide- ranging experience who uses professional concepts to resolve complex issues. Serves as an expert in their own discipline or area of specialization. This dynamic position provides opportunities for working across the organization.
What Will You Do?
- Executing control testing to evaluate the design and operating effectiveness of IT controls. Documenting test work adhering to the quality standards, procedure, and industry best practices. Analyzing, aggregating, and articulating the results, issues, and recommendations related to control testing activities.
- Participate in all phases of the internal control monitoring process including planning, testing, evaluating risk, identifying mitigating controls, developing conclusions, writing reports, and maintaining work papers.
- Coordinate with stakeholders to log and manage control deficiencies. Assess remediation plans and corrective actions are reasonably designed to reduce risk. Verify control deficiencies are remediated according to the remediation plans.
- Establish strong working relationships with the stakeholders across business units and teams to build trust and act as trusted advisor. Perform as a subject matter expert to advise stakeholders on control documentation and testing in compliance with policies and standards.
- Maintaining thorough understanding of organization's governing policies and standards, IT control testing methodologies, and related regulatory and compliance standards
- Keeping abreast of external cyber security trends, technologies and cyber risk management approaches, control hygiene of the environment, and often collaborate with other teams on IT risk-related initiatives to provide subject-matter recommendations and guidance to achieve a risk posture within the organization’s overall risk appetite.
What Do You Need To Succeed? Must have:
- Bachelors' degree in computer science, engineering, or related field. Preferred Certifications: CRISC - Certified in Risk and Information Systems Control, CISA – Certified Information Security Auditor, CISSP - Certified Information Systems Security Professional.
- Over five-year experience of testing IT controls preferably within financial services industry. Experience or understanding of IT risk management practices in financial services industry.
- Proficient at written and oral communication skills to effectively and timely communicate with the stakeholders. Analytical and rationale thinking, supported by strong writing skills, are essential to document and communicate the test work. Ability to understand the stakeholders’ expectations for information/communication.
- A strong understanding of technology and/or financial services industry. Knowledge of FINRA, SEC, MSRB, FRBNY and OCC rules and regulations.
- Deadline-driven and results-oriented; able to meet consistently high-quality standards while handling a variety of tasks and deadlines simultaneously.
Nice-to-have :
- Risk and Control management knowledge and industry experience across Information Technology (IT) domains
- Working experience in cybersecurity and/or IT risk management space
- Big 4 IT risk consulting and/or audit experience
What’s in it for you?
We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.
- A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable
- Leaders who support your development through coaching and managing opportunities
- Ability to make a difference and lasting impact
- Work in a dynamic, collaborative, progressive, and high-performing team
- A world-class training program in financial services
- Opportunities to do challenging work
#LI-POST
#TECHPJ
About RBC
Royal Bank of Canada is a global financial institution with a purpose-driven, principles-led approach to delivering leading performance. Our success comes from the 94,000+ employees who leverage their imaginations and insights to bring our vision, values and strategy to life so we can help our clients thrive and communities prosper. As Canada's biggest bank and one of the largest in the world, based on market capitalization, we have a diversified business model with a focus on innovation and providing exceptional experiences to our more than 17 million clients in Canada, the U.S. and 27 other countries. Learn more at rbc.com. We are proud to support a broad range of community initiatives through donations, community investments and employee volunteer activities. See how at www.rbc.com/community-social-impact.
La Banque Royale du Canada est une institution financière mondiale définie par sa raison d'être, guidée par des principes et orientée vers l'excellence en matière de rendement. Notre succès est attribuable aux quelque 94 000+ employés qui mettent à profit leur créativité et leur savoir faire pour concrétiser notre vision, nos valeurs et notre stratégie afin que nous puissions contribuer à la prospérité de nos clients et au dynamisme des collectivités. Selon la capitalisation boursière, nous sommes la plus importante banque du Canada et l'une des plus grandes banques du monde. Nous avons adopté un modèle d'affaires diversifié axé sur l'innovation et l'offre d'expériences exceptionnelles à nos plus de 17 millions de clients au Canada, aux États Unis et dans 27 autres pays. Pour en savoir plus, visitez le site rbc.com/francais
Nous sommes fiers d'appuyer une grande diversité d'initiatives communautaires par des dons, des investissements dans la collectivité et le travail bénévole de nos employés. Pour de plus amples renseignements, visitez le site www.rbc.com/collectivite-impact-social.
Senior IT Risk Analyst (Global Security)
Top Benefits
About the role
Job Description RBC Global IT Risk (GITR) team enables the protection of RBC's brand, systems, and operations by equipping business and technology partners with meaningful insights, advice, and information on RBC IT & cyber risks. The Senior Cyber Security and IT Risk Management Analyst will perform risk-based testing activities that independently evaluate the design and effectiveness of IT controls and further assist with the enhancement and execution of the IT Control Testing and Monitoring. This role will primarily support the identification and mitigation of IT and regulatory risks and operational issues and will also assist in the maintenance of operational and IT control procedures. This is an advanced senior professional with wide- ranging experience who uses professional concepts to resolve complex issues. Serves as an expert in their own discipline or area of specialization. This dynamic position provides opportunities for working across the organization.
What Will You Do?
- Executing control testing to evaluate the design and operating effectiveness of IT controls. Documenting test work adhering to the quality standards, procedure, and industry best practices. Analyzing, aggregating, and articulating the results, issues, and recommendations related to control testing activities.
- Participate in all phases of the internal control monitoring process including planning, testing, evaluating risk, identifying mitigating controls, developing conclusions, writing reports, and maintaining work papers.
- Coordinate with stakeholders to log and manage control deficiencies. Assess remediation plans and corrective actions are reasonably designed to reduce risk. Verify control deficiencies are remediated according to the remediation plans.
- Establish strong working relationships with the stakeholders across business units and teams to build trust and act as trusted advisor. Perform as a subject matter expert to advise stakeholders on control documentation and testing in compliance with policies and standards.
- Maintaining thorough understanding of organization's governing policies and standards, IT control testing methodologies, and related regulatory and compliance standards
- Keeping abreast of external cyber security trends, technologies and cyber risk management approaches, control hygiene of the environment, and often collaborate with other teams on IT risk-related initiatives to provide subject-matter recommendations and guidance to achieve a risk posture within the organization’s overall risk appetite.
What Do You Need To Succeed? Must have:
- Bachelors' degree in computer science, engineering, or related field. Preferred Certifications: CRISC - Certified in Risk and Information Systems Control, CISA – Certified Information Security Auditor, CISSP - Certified Information Systems Security Professional.
- Over five-year experience of testing IT controls preferably within financial services industry. Experience or understanding of IT risk management practices in financial services industry.
- Proficient at written and oral communication skills to effectively and timely communicate with the stakeholders. Analytical and rationale thinking, supported by strong writing skills, are essential to document and communicate the test work. Ability to understand the stakeholders’ expectations for information/communication.
- A strong understanding of technology and/or financial services industry. Knowledge of FINRA, SEC, MSRB, FRBNY and OCC rules and regulations.
- Deadline-driven and results-oriented; able to meet consistently high-quality standards while handling a variety of tasks and deadlines simultaneously.
Nice-to-have :
- Risk and Control management knowledge and industry experience across Information Technology (IT) domains
- Working experience in cybersecurity and/or IT risk management space
- Big 4 IT risk consulting and/or audit experience
What’s in it for you?
We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.
- A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable
- Leaders who support your development through coaching and managing opportunities
- Ability to make a difference and lasting impact
- Work in a dynamic, collaborative, progressive, and high-performing team
- A world-class training program in financial services
- Opportunities to do challenging work
#LI-POST
#TECHPJ
About RBC
Royal Bank of Canada is a global financial institution with a purpose-driven, principles-led approach to delivering leading performance. Our success comes from the 94,000+ employees who leverage their imaginations and insights to bring our vision, values and strategy to life so we can help our clients thrive and communities prosper. As Canada's biggest bank and one of the largest in the world, based on market capitalization, we have a diversified business model with a focus on innovation and providing exceptional experiences to our more than 17 million clients in Canada, the U.S. and 27 other countries. Learn more at rbc.com. We are proud to support a broad range of community initiatives through donations, community investments and employee volunteer activities. See how at www.rbc.com/community-social-impact.
La Banque Royale du Canada est une institution financière mondiale définie par sa raison d'être, guidée par des principes et orientée vers l'excellence en matière de rendement. Notre succès est attribuable aux quelque 94 000+ employés qui mettent à profit leur créativité et leur savoir faire pour concrétiser notre vision, nos valeurs et notre stratégie afin que nous puissions contribuer à la prospérité de nos clients et au dynamisme des collectivités. Selon la capitalisation boursière, nous sommes la plus importante banque du Canada et l'une des plus grandes banques du monde. Nous avons adopté un modèle d'affaires diversifié axé sur l'innovation et l'offre d'expériences exceptionnelles à nos plus de 17 millions de clients au Canada, aux États Unis et dans 27 autres pays. Pour en savoir plus, visitez le site rbc.com/francais
Nous sommes fiers d'appuyer une grande diversité d'initiatives communautaires par des dons, des investissements dans la collectivité et le travail bénévole de nos employés. Pour de plus amples renseignements, visitez le site www.rbc.com/collectivite-impact-social.