Bluebayinvest
Regional Information Technology Risk Officer - Technology & Cyber Incident and R
Bluebayinvest, Jersey City, New Jersey, United States, 07390
Regional Information Technology Risk Officer - Technology & Cyber Incident and Recovery
Job SummaryWhat is the opportunity?The Regional Information Technology Risk Officer will report to the Managing Director of US IT Risk. The US IT Risk team is responsible for providing a comprehensive view of IT Risk across Royal Bank of Canada’s US business units - Capital Markets, Wealth Management, Global Asset Management, City National Bank and RBC Bank. The team is responsible for overseeing risk management practices, reporting to the regional Board, conducting risk assessments, ensuring that appropriate controls are in place, and engaging with US regulators on continuous monitoring, exams, and remediation programs.What will you do?Work with Business Unit IT Risk Leads to understand the risks within each business unit and how those risks collectively impact the US regional entity, with primary focus on oversight of the Technology & Cyber Incident and Recovery processes within the Cybersecurity domain.Function as IT Risk SME for Technology & Cyber Incident and Recovery processes to quantify risk exposures and develop mitigation strategies.Work with IT teams to ensure proper implementation of controls and compliance with policy standards related to backup and restore, disaster recovery and incident management.Act as a lead to implement and improve internal controls including assessment, reporting, metrics, monitoring and testing to mitigate risk including risk of inadequate resilience or inability to recover within agreed timelines.Establish heightened governance over Technology & Cyber Incident and Recovery-related findings through regular engagement with application teams and risk leads. Review scope, compensating controls, and overall remediation plan as well as any changes to existing findings, such as extended timeline requests.Develop action plans to address identified control breaches and deficiencies, completing root cause analysis and implementing processes to track, monitor and report issues.Provide guidance on technology risk matters to senior leaders and stakeholders.Strengthen alignment across US business units and leverage best practices for Combined US Operations (CUSO) reporting.Identify key areas of risk and leading risk indicators.Conduct risk assessments to identify, evaluate and prioritize potential risks.Drive control enhancements to improve the risk posture of the US region.Expand and enhance metrics reporting coverage for the CUSO.Contribute to CUSO Domain Risk Profile report.Create and present risk reports for senior management forums.Contribute to the development of Enterprise policies, standards, and metrics, ensuring alignment with US IT risk management requirements.Respond to regulatory inquiries and exams.What do you need to succeed?Must-haveBachelor’s degreeMinimum 7-10 years of experience in IT Risk, preferably in large financial services Firms, with knowledge of backup and restore, disaster recovery and incident management processes and controls.Experience with backup and restore, disaster recovery and incident management processes, including experience influencing governance and controls.Familiarity with US IT regulatory requirements is a plus (e.g., OCC Heightened Standards, FFIEC Handbooks)Nice-to-haveCertifications are a plus (e.g., CRISC, CISA, CISM, CISSP)Project Management skills are a plusWhat’s in it for you?A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable.Leaders who support your development through coaching and managing opportunities.Ability to make a difference and lasting impact.Work in a dynamic, collaborative, progressive, and high-performing team.A world-class training program in financial services.Flexible work/life balance options.Opportunities to do challenging work.The good-faith expected salary range for the above position is $110,000 - $190,000 depending on factors including but not limited to the candidate’s experience, skills, registration status; market conditions; and business needs. This salary range does not include other elements of total compensation, including a discretionary bonus and benefits such as a 401(k) program with company-matching contributions; health, dental, vision, life and disability insurance; and paid time-off plan.RBC’s compensation philosophy and principles recognize the importance of a highly qualified global workforce and plays a critical role in attracting, engaging and retaining talent that:· Drives RBC’s high performance culture· Enables collective achievement of our strategic goals· Generates sustainable shareholder returns and above market shareholder valueInclusion and Equal Opportunity EmploymentAt RBC, we embrace diversity and inclusion for innovation and growth. We are committed to building inclusive teams and an equitable workplace for our employees to bring their true selves to work. We are taking actions to tackle issues of inequity and systemic bias to support our diverse talent, clients and communities.We also strive to provide an accessible candidate experience for our prospective employees with different abilities. Please let us know if you need any accommodations during the recruitment process.
#J-18808-Ljbffr
Job SummaryWhat is the opportunity?The Regional Information Technology Risk Officer will report to the Managing Director of US IT Risk. The US IT Risk team is responsible for providing a comprehensive view of IT Risk across Royal Bank of Canada’s US business units - Capital Markets, Wealth Management, Global Asset Management, City National Bank and RBC Bank. The team is responsible for overseeing risk management practices, reporting to the regional Board, conducting risk assessments, ensuring that appropriate controls are in place, and engaging with US regulators on continuous monitoring, exams, and remediation programs.What will you do?Work with Business Unit IT Risk Leads to understand the risks within each business unit and how those risks collectively impact the US regional entity, with primary focus on oversight of the Technology & Cyber Incident and Recovery processes within the Cybersecurity domain.Function as IT Risk SME for Technology & Cyber Incident and Recovery processes to quantify risk exposures and develop mitigation strategies.Work with IT teams to ensure proper implementation of controls and compliance with policy standards related to backup and restore, disaster recovery and incident management.Act as a lead to implement and improve internal controls including assessment, reporting, metrics, monitoring and testing to mitigate risk including risk of inadequate resilience or inability to recover within agreed timelines.Establish heightened governance over Technology & Cyber Incident and Recovery-related findings through regular engagement with application teams and risk leads. Review scope, compensating controls, and overall remediation plan as well as any changes to existing findings, such as extended timeline requests.Develop action plans to address identified control breaches and deficiencies, completing root cause analysis and implementing processes to track, monitor and report issues.Provide guidance on technology risk matters to senior leaders and stakeholders.Strengthen alignment across US business units and leverage best practices for Combined US Operations (CUSO) reporting.Identify key areas of risk and leading risk indicators.Conduct risk assessments to identify, evaluate and prioritize potential risks.Drive control enhancements to improve the risk posture of the US region.Expand and enhance metrics reporting coverage for the CUSO.Contribute to CUSO Domain Risk Profile report.Create and present risk reports for senior management forums.Contribute to the development of Enterprise policies, standards, and metrics, ensuring alignment with US IT risk management requirements.Respond to regulatory inquiries and exams.What do you need to succeed?Must-haveBachelor’s degreeMinimum 7-10 years of experience in IT Risk, preferably in large financial services Firms, with knowledge of backup and restore, disaster recovery and incident management processes and controls.Experience with backup and restore, disaster recovery and incident management processes, including experience influencing governance and controls.Familiarity with US IT regulatory requirements is a plus (e.g., OCC Heightened Standards, FFIEC Handbooks)Nice-to-haveCertifications are a plus (e.g., CRISC, CISA, CISM, CISSP)Project Management skills are a plusWhat’s in it for you?A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable.Leaders who support your development through coaching and managing opportunities.Ability to make a difference and lasting impact.Work in a dynamic, collaborative, progressive, and high-performing team.A world-class training program in financial services.Flexible work/life balance options.Opportunities to do challenging work.The good-faith expected salary range for the above position is $110,000 - $190,000 depending on factors including but not limited to the candidate’s experience, skills, registration status; market conditions; and business needs. This salary range does not include other elements of total compensation, including a discretionary bonus and benefits such as a 401(k) program with company-matching contributions; health, dental, vision, life and disability insurance; and paid time-off plan.RBC’s compensation philosophy and principles recognize the importance of a highly qualified global workforce and plays a critical role in attracting, engaging and retaining talent that:· Drives RBC’s high performance culture· Enables collective achievement of our strategic goals· Generates sustainable shareholder returns and above market shareholder valueInclusion and Equal Opportunity EmploymentAt RBC, we embrace diversity and inclusion for innovation and growth. We are committed to building inclusive teams and an equitable workplace for our employees to bring their true selves to work. We are taking actions to tackle issues of inequity and systemic bias to support our diverse talent, clients and communities.We also strive to provide an accessible candidate experience for our prospective employees with different abilities. Please let us know if you need any accommodations during the recruitment process.
#J-18808-Ljbffr