Senior Director- Security, Risk, & Emerging Threats (Global Security)

Royal Bank of Canada View all jobs

  • Toronto, ON
  • Permanent
  • Full-time
  • 29 days ago
Job DescriptionWhat is the opportunity?The Senior Director- Security, Risk, & Emerging Threats, you will provide strategic guidance and oversight on emerging and complex technology risks, championing security risk as a competitive advantage. You will bridge technical risk assessment, business objectives, and enterprise risk tolerance to develop forward-looking strategies that anticipate threats across AI systems, infrastructure resilience, and data protection.By embedding risk awareness into innovation processes and decision-making, you will enable RBC to achieve operational excellence, maintain effective governance, and strengthen global security posture.What will you do?Risk Assessment Execution & Methodology: Conduct targeted, data-driven risk assessments across critical technology domains (AI/ML, systems architecture, data protection, cybersecurity, and third-party dependencies). Develop specialized methodologies for AI, architecture, and data protection risks, aligned with enterprise risk appetite and governance frameworks.Strategic Partnership & Global Risk Coordination: Serve as a key strategic partner to regional IT risk leads across APAC, EU, and US, providing technical expertise and guidance on complex technology risk matters. Collaborate to coordinate global risk assessment initiatives while respecting regional regulatory requirements and risk management practicThreat Landscape Analysis & Incident Assessment: Lead external incident and threat analysis to identify emerging risks and attack patterns relevant to financial services. Conduct deep-dive reviews of external incidents ( AI system failures, data breaches, and architecture vulnerabilities) to evaluate their applicability and potential impact on RBC’s environment, technology, and AI/data ecosystems.Actionable Intelligence & Risk Mitigation: Produce threat intelligence and incident briefings for stakeholders, and coordinate response reviews and lessons-learned exercises to drive control improvements and risk mitigation strategiesExecutive Reporting & Regulatory Engagement: Develop executive-grade reporting packages for senior management and regulators, presenting global technology risk posture, trends, and mitigation progress. Lead the production of quarterly/annual risk management reports and regulatory submissions.Strategic Control Environment Enhancement: Identify opportunities to strengthen RBC’s global technology control environment, with a focus on AI governance, systems architecture resilience, and data protection frameworks. Design and advocate for control improvements aligned with business transformation, regulatory expectations, and industry best practices, while developing implementation guidelines that balance effectiveness, efficiency, and feasibility across the enterprise.Compliance & Regulatory Alignment: Collaborate with compliance functions to ensure technology risk assessments align with regulatory requirements, supporting governance, control documentation, and reporting. Coordinate on interpreting and implementing regulatory guidance for technology, cyber risk, AI governance, and data protection, while integrating compliance considerations into risk prioritization and control design decisions.Technical Risk Advisory Support: Offer expert guidance to issue owners throughout the remediation process, leveraging specialized knowledge in AI, systems architecture, and data protection to address technical risks effectivelyWhat do you need to succeed?Must have:10+ years of progressive experience in Security engineering, or risk advisory roles, with demonstrated ability to identify and exploit vulnerabilities across multiple technical layers (AI/ML, data protection, cloud security, application security, systems architecture, access controls)AI & Machine Learning Risk: Substantial hands-on experience with AI/ML systems, including understanding of model development, deployment, governance, bias detection, explainability challenges, and control frameworks specific to AI systems in financial servicesSystems Architecture: Deep technical knowledge of enterprise systems architecture, cloud infrastructure, distributed systems, scalability, resilience, disaster recovery, and architectural design patterns as they relate to risk managementData Protection & Privacy: Comprehensive expertise in data governance, privacy frameworks (PIPEDA, GDPR equivalent), data classification, encryption, access controls, data retention policies, and privacy-by-design principlesBroad technical knowledge across multiple additional technology domains including :cybersecurity, software development, third-party risk management, and emerging technologiesStrong understanding of IT risk frameworks, control design principles, and risk assessment methodologiesFamiliarity with enterprise risk management practices, risk appetite frameworks, and the Three Lines of Defense modelAnalytical & Strategic Capabilities- Experience developing and executing multi-year strategic plans and managing large-scale initiativesLeadership & Influence: Proven ability to serve as a trusted technical advisor to senior leaders on complex technology and risk matters. Strong negotiation and stakeholder management skills, with the ability to balance organizational priorities and risk considerationsExcellent communication skills, with the ability to translate technical concepts into clear, actionable business insights for diverse audiencesAbility to work effectively in ambiguity, prioritize competing demands, and drive collaboration in a matrixed organizationNice to have:Industry certifications such as CISSP, CISM, CISA, or CRISCCertifications or demonstrated expertise in AI governance, responsible AI frameworks, or AI risk managementKnowledgeable of offensive security disciplines (penetration testing, red team operations, cyber forensics, security assessments)Certifications or demonstrated expertise in systems architecture governance or enterprise architecture frameworks (TOGAF, ArchiMate)Certifications or demonstrated expertise in data protection frameworks (DPIA, data governance, privacy engineering)What’s in it for you?We thrive on the challenge to be our best, progressive thinking to keep growing and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference in our communities, and achieving mutual successA comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable.Leaders who support your development through coaching and managing opportunities.Ability to make a difference and lasting impact.Work in a dynamic, collaborative, progressive, and high-performing team.A world-class training program in financial services.Opportunities to do challenging work#LI-POST
#TECHPJJob Skills Business Continuity and Disaster Recovery (BCDR), Cyber Security Management, Firewall Management, Information Security Auditing, Information Security Operation Center (ISOC), IT Network Security, Operational Delivery, Problem Management, Process Management, Threat ManagementAdditional Job DetailsAddress: 16 YORK ST:TORONTOCity: TorontoCountry: CanadaWork hours/week: 37.5Employment Type: Full timePlatform: TECHNOLOGY AND OPERATIONSJob Type: RegularPay Type: SalariedPosted Date: 2026-03-18Application Deadline: 2026-04-15Note: Applications will be accepted until 11:59 PM on the day prior to the application deadline date aboveOur Employment OpportunitiesAt RBC, we are guided by living shared values of Client First, Integrity, Collaboration, Respect and Excellence and winning together as One RBC. We believe an inclusive workplace that has diverse perspectives is core to our continued growth as one of the largest and most successful banks in the world. Maintaining a workplace where our employees feel supported to perform at their best, effectively collaborate, drive innovation, and grow professionally helps to bring our Purpose to life and create value for our clients and communities. RBC strives to deliver this through policies and programs intended to foster a workplace based on respect, belonging and opportunity for all.Join our Talent CommunityStay in-the-know about great career opportunities at RBC. Sign up and get customized info on our latest jobs, career tips and Recruitment events that matter to you.Expand your limits and create a new future together at RBC. Find out how we use our passion and drive to enhance the well-being of our clients and communities at .RBC is presently inviting candidates to apply for this existing vacancy. Applying to this posting allows you to express your interest in this current career opportunity at RBC. Qualified applicants may be contacted to review their resume in more detail.

Royal Bank of Canada

Similar Jobs

  • Director, Information Security

    AECON

    • Toronto, ON
    • $145,000-160,000 per year
    Come Build Your Career at Aecon! As a Canadian leader in infrastructure development, Aecon is and building what matters for future generations to thrive! We lead some of the most…
    • 10 days ago

  • Director, Corporate Security

    CPP Investments

    • Toronto, ON
    Make an impact at a global and dynamic investment organization When you join CPP Investments, you are joining one of the world’s most admired and respected institutional investor…
    • 21 days ago