Vendor IT Risk Advisor (GCS)

Joining the Third Party IT Risk Advisory and Consulting team as a Vendor IT Risk Advisor, you will serve as a subject matter expert and will identify, collect and maintain the necessary data to represent cyber security postures of RBC's third party suppliers. This role supports monitoring and reporting on the security posture of RBC's third party providers throughout the lifespan of their relationship with RBC. The mandate covers leveraging new technologies to enhance our IT risk due diligences capabilities, as well as maintaining communications on how different areas of the bank are managing their Cyber Risk profiles based on the existing technologies used.

What will you do?

Supporting the Third Party IT Risk (TPITR) team you will...

• Establish and develop a trusted partnership with other Global Cyber Security (GCS) teams, Group Risk Management (GRM) and RBC Lines of Businesses

• Build strong knowledge of TPITR services as defined within the Third Party IT risk service catalogue and with respect to third party threat intelligence landscape and operations.

• Build knowledge around RBC's Supplier due diligence process, including SRMA and RFP/RFI Processes processes, and provide insight and advice to stakeholders

• Develop working knowledge of Archer reporting capabilities and other reporting tools (e.g. Tableau).

• Produce analytics reports through repeatable, data-driven, quantitative methods using all available data to assess third party suppliers' cyber security risks.

• Contribute to strategic changes in the utilization of the existing Continuous Monitoring Program

• Build and communicate weekly based on asks from the business, and formal monthly meetings, with assigned RBC Supplier Management Office (SMO) communities, Engagement Owners, and GCS partners. This will include communications that articulate key trends, issues, and actions required by our partners

What do you need to succeed?

Must have:

• Undergraduate degree coupled with change management experience in complex programs with high frequency of requests and multiple priorities.

• Demonstrated ability in written and oral communication skills along with strong presentation skills. Ability to determine the information and communication needs of the stakeholders and project.

• Skilled in IT Risk / Cyber Security Risk Identification through either/or work experience and formal accreditations.

• A strong understanding of IT enterprise application deployment methods and infrastructure technology management specific to financial services industry.

• Deadline-driven and results-oriented; able to meet consistently high quality standards while handling a variety of tasks and deadlines simultaneously.

Nice-to-have:

• Experience in a matrix management type environment, such as a large, publicly-traded highly regulated corporation
• CRISC/CISSP/GIAC/ISC Certification(s) attained or in progress

What's in it for you?

We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.

• A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable
• Leaders who support your development through coaching and managing opportunities
• Ability to make a difference and lasting impact
• Work in a dynamic, collaborative, progressive, and high-performing team
• A world-class training program in financial services
• Flexible work/life balance options
• Opportunities to do challenging work

#techpj

#LI-Hybrid

#LI-POST

Job Skills

Additional Job Details