Endpoint Security Risk & Compliance Lead

The Endpoint Security Risk & Compliance Lead will be responsible for risk management, audit, and regulatory compliance activities for the Endpoint Security team. They will partner closely with technical Endpoint Security teams, Security Risk teams, and auditors to help ensure compliance with relevant regulations and industry standards. The lead will also drive the development and maintenance of reporting to ensure transparency and accountability for overall compliance with business and governance activities, including the development and implementation of policies, procedures, and controls to maintain the highest level of endpoint security risk management and compliance.

What will you do?

• Stakeholder Collaboration: Work closely with endpoint security teams, IT operations, and risk partners to understand security controls and processes and manage risks. 

• Audit & Regulatory Engagement Leadership: Champion audit, regulatory, and key control engagements with support from technical teams to drive accurate and meaningful responses for evaluators while also identifying areas for learning and improvement. 

• Risk Management: Own primary accountability for endpoint security risk management across endpoint security products. Capturing risks, tracking risks through their lifecycle, and supporting technical teams driving towards remediation. 

• Reporting & Remediation: Drive the development, distribution, and maintenance of meaningful reporting for key governance and compliance metrics relating to endpoint security (e.g., patching, certificate management, and password rotations.). 

• Supplier Management Governance: Manage regular reviews of endpoint security technology solutions relating to supplier and data risk, model risk, and exit strategies

What do you need to succeed? Must-have

• Excellent leadership and collaboration skills: The ability to collaborate with various stakeholders, including endpoint security teams, IT operations, and risk partners, is crucial for success in this role. The candidate must understand, speak, and write in both technical and simplified language, translating technical concepts between various audiences and partner teams including communications to auditor or regulator audiences. 

• Audit and regulatory compliance expertise: Experience with audit and regulatory engagements, including knowledge of relevant laws, regulations, and industry standards (e.g., NIST, SWIFT, PCI-DSS, GDPR), is essential for this position. 

• Strong understanding of security risk management frameworks: The ideal candidate should have in-depth knowledge of security best practices, risk management principles, and industry-recognized security frameworks. 

• Experience with reporting and metrics ownership: The ability to develop and maintain meaningful reports and metrics to measure endpoint security governance and compliance is critical for this role.

Nice-to-have:

• Certifications in information security (e.g., CISSP, CCSP, CRISC, CIAM, ITIL) 

• Previous work experience within the Finance or Insurance sector or other large enterprise industry 

• Understanding of security technologies such as anti-virus, data monitoring and protection, cryptography, identity and access management, and vulnerability scanning technologies 

• Knowledge of enterprise environments including IT ecosystems, software networks, traditional on-premise infrastructure and cloud platforms (AWS, Azure, GCP) 

• Experience with agile methodologies and tools, such as Jira or Azure DevOps, for backlog management and sprint planning 

What is in it for you?

We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success
that is mutual.

• A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable.

• Leaders who support your development through coaching and managing opportunities.

• Ability to make a difference and lasting impact.

• Work in a dynamic, collaborative, progressive, and high-performing team.

• A world-class training program in financial services.

• Opportunities to do challenging work.

#LI-POST

#TECH PJ

Job Skills

Additional Job Details

Address:

City:

Country:

Work hours/week:

Employment Type:

Platform:

Job Type:

Pay Type:

Posted Date:

Application Deadline:

Note: Applications will be accepted until 11:59 PM on the day prior to the application deadline date above

Our Employment Opportunities

At RBC, we are guided by living shared values of Client First, Integrity, Collaboration, Respect and Excellence and winning together as One RBC. We believe an inclusive workplace that has diverse perspectives is core to our continued growth as one of the largest and most successful banks in the world. Maintaining a workplace where our employees feel supported to perform at their best, effectively collaborate, drive innovation, and grow professionally helps to bring our Purpose to life and create value for our clients and communities. RBC strives to deliver this through policies and programs intended to foster a workplace based on respect, belonging and opportunity for all.

Join our Talent Community

Stay in-the-know about great career opportunities at RBC. Sign up and get customized info on our latest jobs, career tips and Recruitment events that matter to you.

Expand your limits and create a new future together at RBC. Find out how we use our passion and drive to enhance the well-being of our clients and communities at jobs.rbc.com.

RBC is presently inviting candidates to apply for this existing vacancy. Applying to this posting allows you to express your interest in this current career opportunity at RBC. Qualified applicants may be contacted to review their resume in more detail.