Director, Infrastructure & Risk Center of Excellence (COE)

What is the Opportunity?

The Director, Infrastructure & Risk Center of Excellence (COE) will lead a newly formed technology risk management team within the Bank’s Technology Infrastructure (TI) organization. This role is accountable for building and leading a high-performing team that collaborates with IT departments (cloud, mainframe, database, middleware, operations, disaster recovery), enterprise risk and security teams, and 2nd Line of Defense (2LOD). The leader is responsible for transforming existing 1st line risk practices and elevating the TI organization’s risk profile, ensuring compliance with regulatory, internal risk, and audit expectations while fostering a proactive risk management culture across IT and supporting TI’s strategy.

What will you do?

• Prepare program roadmaps, project, and/or implementation plans to align with executive approval.
• Build out and lead a dynamic, high-performing team capable of supporting diverse IT groups with in-house expertise in technology & IT risk.
• Develop and maintain processes that ensure TI activities align with enterprise and regulatory standards, enabling traceability between IT processes and risk standards.
• Create and present reports to provide ongoing updates to RBC Technology senior/executive leaders on risk and compliance transformation efforts.
• Design and implement processes within TI Towers to systematically track all risk-related work, ensuring these processes support progress and risk reporting.
• Ensure the COE team is equipped to support IT personnel in executing controls testing, enterprise or TI risk assessment (e.g., RCSA, QRA), audit responses (internal, SOX), and regulatory submissions (OSFI, FRB, OCC).
• Support and promote the internal interaction model between the Towers and other TI Risk & regulatory functions (Controls Testing & Risk Analysis, Risk Reporting & Oversight, Strategy Planning & Delivery).
• Establish and support processes for 1st line risk activities (e.g., Archer issue management, controls development, KRI/audit issue remediation, risk assessments, supplier management) to ensure transparent, timely and effective delivery by accountable TI Towers.

What do you need to succeed?

Must have:

• 10+ years in an IT Risk management capacity across any of the 3 lines of defense.
• Deep expertise in risk management frameworks and standards across the US or Canada (e.g., regulatory compliance, enterprise risk, internal controls, SOX, ITGC); knowledge of UK and APAC regulators is beneficial.
• Understanding of various infrastructure and middleware platforms such as cloud, mainframe, middleware, database, operations.
• Proven track record of leading and maturing high-performing teams in a complex IT & risk environment.
• Demonstrated ability to design and implement processes to manage risk-related work and integrate these processes into enterprise risk reporting frameworks.
• Exceptional relationship-building skills with the ability to collaborate across diverse functions and levels.
• Strong analytical and problem-solving skills, with the ability to create scalable, repeatable processes that simplify risk management in IT operations.
• Demonstrated ability to transform and modernize processes, aligning legacy and modern IT practices into cohesive risk strategies.
• Passionate about improving the risk management experience while delivering on commitments from risk stakeholders.
• Industry framework knowledge (e.g., NIST, COBIT, FedRAMP, FFIEC).
• Industry certifications (e.g., CISA, CPA, CA, CRISC, CISM, CISSP).

Nice to have:

• Advanced knowledge related to RBC.
• AI risk expertise.

What’s in it for you?

We thrive on challenges, progressive thinking, and collaboration to deliver trusted advice that helps clients thrive and communities prosper. We value respect, belonging, and opportunity for all.

• A comprehensive Total Rewards Program including bonuses, flexible benefits, compensation, commissions, and stock where applicable.
• Leaders who support your development through coaching and opportunities.
• Ability to make a difference and lasting impact.
• Work in a dynamic, collaborative, progressive, high-performing team.
• A world-class training program in financial services.

#LI-POST

Job Skills

Business Continuity and Disaster Recovery (BCDR), Cyber Security Management, Firewall Management, Information Security Auditing, Information Security Operations Center (ISOC), IT Network Security, Operational Delivery, Problem Management, Process Management, Threat Management

Additional Job Details

Address: RBC Centre, 155 Wellington St W, Toronto

City: Toronto

Country: Canada

Work hours/week: 37.5

Employment Type: Full time

Platform: TECHNOLOGY AND OPERATIONS

Job Type: Regular

Pay Type: Salaried

Posted Date: 2025-09-09

Application Deadline: 2025-09-30

Note: Applications will be accepted until 11:59 PM on the day prior to the application deadline date above

Inclusion and Equal Opportunity Employment

At RBC, we believe an inclusive workplace with diverse perspectives is core to our growth as a global bank. We strive to foster a workplace based on respect, belonging, and opportunity for all.