Job DescriptionWhat is the Opportunity?The role of the Senior Security Detection Engineer is to provide specialized subject matter expertise for the Detection Engineering & Automation (DEA) team, for RBC's Global Cyber Security. This is a key technical role supporting mission critical enterprise network security operations and IT services protection. This role will drive development using automation to new or existing security use cases to reduce the overall mean time to detect and respond to incidents.With your proven experience, collaboratively lead our RBC technology and application partners to develop and implement mission critical cyber use cases for security monitoring supporting security operations and Security Operations Centre capabilities.What will you do?Provide global accountability to provide technical and subject matter expertise supporting cyber uses cases developed from security systems and infrastructure for security monitoring.Work with RBC technology and/or application partners (Cybersecurity, Technology Infrastructure, SOC) to develop and strengthen use cases for continuous security monitoring.Develop runbooks for those use cases that align with security operations processes and streamline the incident investigation and response tasks.Work with Defensive Threat Operations Correlation Engineering to facilitate log ingestion and use case development in our SIEM platforms.Periodically review use case library, perform attestation on existing use cases, participate in tuning discussions/activities and provide improvement recommendations where necessary/possible.Develop and maintain lines of communication with various security groups, Security Operations Centre leadership and technology stakeholdersDevelop processes to support a maturing programProvide operational metrics and reports as neededWhat do you need to succeed?Must have:2 to 5 years of industry experience.Experience in cloud environments (AWS, Azure, GCP, OCP)Intermediate experience with Python.Experience with building detections in SIEM.Experience with automation in SOAR.Educational background in IT, Engineering, Cybersecurity and/or equivalent relevant experienceDemonstrated technical leadership abilityIn-depth understanding of Security Operations and Security Technologies, with previous experience working in a SOC environmentUnderstanding of common exploitation techniques and awareness of new threatsStrong analytical and complex problem-solving skillsExpert understanding of SIEM technology and operationsStrong Networking and Enterprise IT Infrastructure knowledge with TCP/IP packet level knowledgeNice-to-have:Certifications in information security (GCIH, GCSA, GPCS, GCTD, GCFR)Certifications in cloud platforms (AWS, Azure, GCP, or OCP)Experience in working within a large, global financial services company.A good understanding of modern, cloud centric architectures and DevOps principles.What’s in it for you?We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicableLeaders who support your development through coaching and managing opportunitiesAbility to make a difference and lasting impactWork in a dynamic, collaborative, progressive, and high-performing teamA world-class training program in financial servicesFlexible work/life balance optionsOpportunities to do challenging work#techpj#LI-postJob Skills Cloud Software, Communication, Cross-Departmental Collaboration, Cyber Operations, Cyber Security Management, Decision Making, Detail-Oriented, Group Problem Solving, High Impact Communication, Information Security Management, Information Technology Security, Network Security Operations, Security Automation, Security Operations, SIEM Tools, Strategic Thinking, Threat Detection, Threat Monitoring, Use Case DocumentationAdditional Job DetailsAddress: 745 THURLOW ST:VANCOUVERCity: VancouverCountry: CanadaWork hours/week: 37.5Employment Type: Full timePlatform: TECHNOLOGY AND OPERATIONSJob Type: RegularPay Type: SalariedPosted Date: 2026-03-25Application Deadline: 2026-04-10Note: Applications will be accepted until 11:59 PM on the day prior to the application deadline date aboveOur Employment OpportunitiesAt RBC, we are guided by living shared values of Client First, Integrity, Collaboration, Respect and Excellence and winning together as One RBC. We believe an inclusive workplace that has diverse perspectives is core to our continued growth as one of the largest and most successful banks in the world. Maintaining a workplace where our employees feel supported to perform at their best, effectively collaborate, drive innovation, and grow professionally helps to bring our Purpose to life and create value for our clients and communities. RBC strives to deliver this through policies and programs intended to foster a workplace based on respect, belonging and opportunity for all.Join our Talent CommunityStay in-the-know about great career opportunities at RBC. Sign up and get customized info on our latest jobs, career tips and Recruitment events that matter to you.Expand your limits and create a new future together at RBC. Find out how we use our passion and drive to enhance the well-being of our clients and communities at .RBC is presently inviting candidates to apply for this existing vacancy. Applying to this posting allows you to express your interest in this current career opportunity at RBC. Qualified applicants may be contacted to review their resume in more detail.
