Director, US IT Risk Management - ITAM

What is the opportunity?

The Regional Information Technology Risk Officer will report to the Managing Director of US IT Risk. The US IT Risk team is responsible for providing a comprehensive view of IT Risk across Royal Bank of Canada's US business units - Capital Markets, Wealth Management, Global Asset Management, City National Bank and RBC Bank. The team is responsible for overseeing risk management practices, reporting to the regional Board, conducting risk assessments, ensuring that appropriate controls are in place, and engaging with US regulators on continuous monitoring, exams, and remediation programs.

What will you do?

• Work with Business Unit Risk Leads to understand the risks within each business unit and how those risks collectively impact the US regional entity, with primary focus on IT Asset Management domain

• Function as SME for IT Asset Management domain to quantify risk exposures within the business and develop mitigation strategies
• Act as a lead to implement and improve internal controls including assessment, reporting, metrics, monitoring and testing to mitigate risks
• Develop action plans to address identified control breaches and deficiencies, completing root cause analysis and implementing processes to track, monitor and report issues
• Provide guidance on technology risk matters to senior leaders and stakeholders
• Strengthen alignment across US business units and leverage best practices for Combined US Operations (CUSO) reporting
• Identify key areas of risk and leading risk indicators
• Conduct risk assessments to identify, evaluate and prioritize potential risks
• Drive control enhancements to improve the risk posture of the US region
• Expand and enhance metrics reporting coverage for the CUSO
• Contribute to CUSO Domain Risk Profile report
• Create and present risk reports for senior management forums
• Contribute to the development of Enterprise policies, standards, and metrics, ensuring alignment with US IT risk management requirements
• Respond to regulatory inquiries and exams

What do you need to succeed?

Must-have

• Bachelor's degree
• Minimum 7-10 years of experience in IT Risk Management, preferably in large financial services Firms
• In-depth knowledge of industry standards and best practices in IT Risk Management
• Experience with IT Asset Management Lifecycle controls and knowledge of best practices
• Familiarity with asset inventory management and supporting systems
• Ability to work independently and manage competing priorities in a fast-paced environment
• Ability to manage relationships and drive results across a large organization
• Excellent written and verbal communication skills, with ability to appropriately summarize for senior audiences
• High level of attention to detail
• Familiarity with US IT regulatory requirements is a plus (e.g., OCC Heightened Standards, FFIEC Handbooks)

Nice-to-have

• Certifications are a plus (e.g., CRISC, CISA, CISM, CISSP)
• Project Management skills are a plus

What's in it for you?

We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.

• A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable
• Leaders who support your development through coaching and managing opportunities
• Ability to make a difference and lasting impact
• Work in a dynamic, collaborative, progressive, and high-performing team
• A world-class training program in financial services
• Flexible work/life balance options
• Opportunities to do challenging work

The good-faith expected salary range for the above position is $160,000 - $250,000 depending on factors including but not limited to the candidate's experience, skills, registration status; market conditions; and business needs.This salary range does not include other elements of total compensation, including a discretionary bonus and benefits such as a 401(k) program with company-matching contributions; health, dental, vision, life, and disability insurance; and paid time-off plan.

RBC's compensation philosophy and principles recognize the importance of a highly qualified global workforce and plays a critical role in attracting, engaging, and retaining talent that:

• Drives RBC's high-performance culture
• Enables collective achievement of our strategic goals
• Generates sustainable shareholder returns and above market shareholder value

Job Skills

Additional Job Details