Senior Manager, Vendor IT Risk Governance and Compliance
City : TORONTO, Ontario, Canada
Category : Technology | Analytics | Research
Industry : Financial/Banking
Employer : RBC
Come Work with Us!
At RBC, our culture is deeply supportive and rich in opportunity and reward. You will help our clients thrive and our communities prosper, empowered by a spirit of shared purpose.
Whether you’re helping clients find new opportunities, developing new technology, or providing expert advice to internal partners, you will be doing work that matters in the world, in an environment built on teamwork, service, responsibility, diversity, and integrity.
What is the opportunity?
The Vendor IT Risk (VITR) program’s key mandate is to identify and manage cyber risks to RBC’s data and systems, introduced through relationships with RBC third parties. This role is anchored within the VITR Practice Management team which is responsible for the oversight, and maturity of the VITR program. Reporting to the Director, Vendor IT Risk Practice Management, this role – Senior Manager, Vendor IT Risk Governance and Compliance - will be responsible for managing and driving the maturity of the Vendor IT Risk program, by introducing process efficiencies, and ensuring alignment with regulatory requirements, industry best practices and organizational standards and policies.
What will you do?
Manage periodic maturity assessments of the VITR program and ensure remediation of identified observations.
Support strategic planning and provide input on roadmaps
Work cross functionally with global business units and functional groups such as Third-Party Risk, Privacy, Cybersecurity to promote awareness and deliver business results
Maintain awareness of regulatory changes that impact the program and ensure alignment with audit and regulatory requirements
Develop and maintain VITR program framework, including process and procedures and guidelines, through ongoing maintenance, and annual reviews.
Aid in the development of KPIs, KRIs and analytics that will measure the effectiveness of the program
Oversee challenge of enterprise processes for accepting risk associated with adverse assessment outcomes
Champion third party risk awareness and best practice sharing with various stakeholders and aid in the development of vendor IT risk management training modules
What do you need to succeed?
- Demonstrated experience in developing and applying leading practices in a large scale Information Security, Technology Risk or Vendor Risk environments;
- Experience in framework, policy and standard development
- Experience in process development and improvement
- Advanced working experience with security control frameworks (e.g. ISO27001, NIST CSF, PCI DSS, etc.);
- Working experience with IT GRC and Risk Management practices/ methodologies;
- Ability to partner with diverse stakeholders in complex scenarios with excellent liaison, communication, influence and presentation skills;
- Experience with Project Management practices in enterprise environments;
- Industry recognized qualifications and certifications in Information Security and/or Risk Management (CISSP, CRISC, FAIR etc.).
What’s in it for you?
We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.
- A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable
- Leaders who support your development through coaching and managing opportunities
- Ability to make a difference and lasting impact
- Work in a dynamic, collaborative, progressive, and high-performing team
- A world-class training program in financial services
- Flexible work/life balance options
- Opportunities to do challenging work
The Senior Manager / Manager, Vendor IT Risk Practice Management contributes to the overall success of the VITR Program ensuring goals, plans, and initiatives are executed / delivered in support of the team’s business objectives. This role will primarily support the operational processes and key strategic priorities of the VITR program.
Inclusion and Equal Opportunity Employment
At RBC, we embrace diversity and inclusion for innovation and growth. We are committed to building inclusive teams and an equitable workplace for our employees to bring their true selves to work. We are taking actions to tackle issues of inequity and systemic bias to support our diverse talent, clients and communities.
We also strive to provide an accessible candidate experience for our prospective employees with different abilities. Please let us know if you need any accommodations during the recruitment process.
Join our Talent Community
Stay in-the-know about great career opportunities at RBC. Sign up and get customized info on our latest jobs, career tips and Recruitment events that matter to you.
Expand your limits and create a new future together at RBC. Find out how we use our passion and drive to enhance the well-being of our clients and communities at rbc.com/careers.