Senior Director- Security, Risk, & Emerging Threats (Global Security)

Job Description

What is the opportunity?The Senior Director- Security, Risk, & Emerging Threats, you will provide strategic guidance and oversight on emerging and complex technology risks, championing security risk as a competitive advantage. You will bridge technical risk assessment, business objectives, and enterprise risk tolerance to develop forward-looking strategies that anticipate threats across AI systems, infrastructure resilience, and data protection.By embedding risk awareness into innovation processes and decision-making, you will enable RBC to achieve operational excellence, maintain effective governance, and strengthen global security posture.What will you do?

• Risk Assessment Execution & Methodology: Conduct targeted, data-driven risk assessments across critical technology domains (AI/ML, systems architecture, data protection, cybersecurity, and third-party dependencies). Develop specialized methodologies for AI, architecture, and data protection risks, aligned with enterprise risk appetite and governance frameworks.

• Strategic Partnership & Global Risk Coordination: Serve as a key strategic partner to regional IT risk leads across APAC, EU, and US, providing technical expertise and guidance on complex technology risk matters. Collaborate to coordinate global risk assessment initiatives while respecting regional regulatory requirements and risk management practic

• Threat Landscape Analysis & Incident Assessment: Lead external incident and threat analysis to identify emerging risks and attack patterns relevant to financial services. Conduct deep-dive reviews of external incidents ( AI system failures, data breaches, and architecture vulnerabilities) to evaluate their applicability and potential impact on RBC’s environment, technology, and AI/data ecosystems.

• Actionable Intelligence & Risk Mitigation: Produce threat intelligence and incident briefings for stakeholders, and coordinate response reviews and lessons-learned exercises to drive control improvements and risk mitigation strategies

• Executive Reporting & Regulatory Engagement: Develop executive-grade reporting packages for senior management and regulators, presenting global technology risk posture, trends, and mitigation progress. Lead the production of quarterly/annual risk management reports and regulatory submissions.

• Strategic Control Environment Enhancement: Identify opportunities to strengthen RBC’s global technology control environment, with a focus on AI governance, systems architecture resilience, and data protection frameworks. Design and advocate for control improvements aligned with business transformation, regulatory expectations, and industry best practices, while developing implementation guidelines that balance effectiveness, efficiency, and feasibility across the enterprise.

• Compliance & Regulatory Alignment: Collaborate with compliance functions to ensure technology risk assessments align with regulatory requirements, supporting governance, control documentation, and reporting. Coordinate on interpreting and implementing regulatory guidance for technology, cyber risk, AI governance, and data protection, while integrating compliance considerations into risk prioritization and control design decisions.

• Technical Risk Advisory Support: Offer expert guidance to issue owners throughout the remediation process, leveraging specialized knowledge in AI, systems architecture, and data protection to address technical risks effectively

What do you need to succeed?Must have:

• 10+ years of progressive experience in Security engineering, or risk advisory roles, with demonstrated ability to identify and exploit vulnerabilities across multiple technical layers (AI/ML, data protection, cloud security, application security, systems architecture, access controls)

• AI & Machine Learning Risk: Substantial hands-on experience with AI/ML systems, including understanding of model development, deployment, governance, bias detection, explainability challenges, and control frameworks specific to AI systems in financial services

• Systems Architecture: Deep technical knowledge of enterprise systems architecture, cloud infrastructure, distributed systems, scalability, resilience, disaster recovery, and architectural design patterns as they relate to risk management

• Data Protection & Privacy: Comprehensive expertise in data governance, privacy frameworks (PIPEDA, GDPR equivalent), data classification, encryption, access controls, data retention policies, and privacy-by-design principles

• Broad technical knowledge across multiple additional technology domains including :cybersecurity, software development, third-party risk management, and emerging technologies

• Strong understanding of IT risk frameworks, control design principles, and risk assessment methodologies

• Familiarity with enterprise risk management practices, risk appetite frameworks, and the Three Lines of Defense model

• Analytical & Strategic Capabilities- Experience developing and executing multi-year strategic plans and managing large-scale initiatives

• Leadership & Influence: Proven ability to serve as a trusted technical advisor to senior leaders on complex technology and risk matters. Strong negotiation and stakeholder management skills, with the ability to balance organizational priorities and risk considerations

• Excellent communication skills, with the ability to translate technical concepts into clear, actionable business insights for diverse audiences

• Ability to work effectively in ambiguity, prioritize competing demands, and drive collaboration in a matrixed organization

Nice to have:

• Industry certifications such as CISSP, CISM, CISA, or CRISC

• Certifications or demonstrated expertise in AI governance, responsible AI frameworks, or AI risk management

• Knowledgeable of offensive security disciplines (penetration testing, red team operations, cyber forensics, security assessments)

• Certifications or demonstrated expertise in systems architecture governance or enterprise architecture frameworks (TOGAF, ArchiMate)

• Certifications or demonstrated expertise in data protection frameworks (DPIA, data governance, privacy engineering)
  

What’s in it for you?We thrive on the challenge to be our best, progressive thinking to keep growing and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference in our communities, and achieving mutual success

• A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable.

• Leaders who support your development through coaching and managing opportunities.

• Ability to make a difference and lasting impact.

• Work in a dynamic, collaborative, progressive, and high-performing team.

• A world-class training program in financial services.

• Opportunities to do challenging work

#LI-POST
#TECHPJJob SkillsBusiness Continuity and Disaster Recovery (BCDR), Cyber Security Management, Firewall Management, Information Security Auditing, Information Security Operation Center (ISOC), IT Network Security, Operational Delivery, Problem Management, Process Management, Threat ManagementAdditional Job Details

Address:

16 YORK ST:TORONTO

City:

Toronto

Country:

Canada

Work hours/week:

37.5

Employment Type:

Full time

Platform:

TECHNOLOGY AND OPERATIONS

Job Type:

Regular

Pay Type:

Salaried

Posted Date:

2026-03-18

Application Deadline:

2026-05-26Note: Applications will be accepted until 11:59 PM on the day prior to the application deadline date aboveOur Employment OpportunitiesAt RBC, we are guided by living shared values of Client First, Integrity, Collaboration, Respect and Excellence and winning together as One RBC. We believe an inclusive workplace that has diverse perspectives is core to our continued growth as one of the largest and most successful banks in the world. Maintaining a workplace where our employees feel supported to perform at their best, effectively collaborate, drive innovation, and grow professionally helps to bring our Purpose to life and create value for our clients and communities. RBC strives to deliver this through policies and programs intended to foster a workplace based on respect, belonging and opportunity for all.

Join our Talent Community

Stay in-the-know about great career opportunities at RBC. Sign up and get customized info on our latest jobs, career tips and Recruitment events that matter to you.

Expand your limits and create a new future together at RBC. Find out how we use our passion and drive to enhance the well-being of our clients and communities at jobs.rbc.com.

RBC is presently inviting candidates to apply for this existing vacancy. Applying to this posting allows you to express your interest in this current career opportunity at RBC. Qualified applicants may be contacted to review their resume in more detail.