Senior Threat Modeller - (Global Security)

Are you a cyber security professional with an interest in threat modelling? Would you like to work with several dynamic cybersecurity and development teams to deliver a scalable threat modelling program? We’ve got the role for you!

We are looking for a passionate cyber security professional that has a strong grasp of threat modelling to help us continue and evolve a program that facilitates effective threat modelling across the entirety of RBC and our subsidiaries. In this role, you will have the opportunity to work with a broad variety of stakeholders, drive impact through your work, and materially improve the cyber resilience of our organization.

• Define and analyze potential threat scenarios to identify security gaps and assess associated risks
• Develop and provide recommendations on threat mitigation or remediation
• Deliver threat models for applications, systems, and architecture patterns
• Perform code and architectural design reviews for internal and external software products
• Develop and implement tooling and processes to support threat modelling activities
• Develop and deliver security training and education programs for application developers, project managers, architects, and similar roles
• Prioritize and track application security issues across the organization
• Lead implementation efforts for security initiatives and resolutions resulting from internal and external assessments
• Ensure that issues identified are appropriately prioritized and addressed in future product releases
• Work with development teams to guarantee timely resolution of issues
• Identify and provide application security recommendations during requirement and design reviews
• Track open issues and follow up with different teams to address open issues
• Communicates technical information to a non-technical audience and non-technical information to a technical audience in a cross-site and cross-functional setting
• Enable application owners and developers to understand threats and appropriately prioritize security issues and mitigations

• Minimum of a B.S. in Computer Science, MIS or related degree and five (5) years of related experience in information security, development, software engineering or a combination of education, training and experience
• Expertise in threat modelling methodologies (e.g. STRIDE, DREAD, PASTA, etc.) and relevant tools
• Strong written and verbal communication skills with the ability to translate technical findings into business-oriented insights
• Ability to analyze, decompose and analyze complex application architectures
• Strong understanding of networking and operating systems (Windows, MacOS, Linux, Unix)
• Understanding of modern, cloud centric architectures and DevOps principles
• A strong understanding of offensive security tactics, techniques, and procedures

• Certifications in the Cyber Security domain
• Above average performance. You are competitive and passionate. You thrive on challenge and have a proven ability to set ambitious but achievable goals and surpass them
• A team player. You will work with RBC and bring a collaborative approach, with proven ability to build, grow, and maintain relationships both internally and externally
• Computer Information Systems Security Professional (CISSP) certification or the ability to obtain within six (6) months

At a team level, you will have exposure to operating in complex and critical environments that power our economy. You will work with talented and driven offensive security experts; refining and expanding your skillset. You will be given the opportunity to attend industry-leading public and private training sessions to take your skills to the next level.

We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.

• A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable
• Dedicated budget for annual training and conference attendance
• Leaders who support your development through coaching, training, and managing opportunities
• Ability to make a difference and lasting impact
• Work in a dynamic, collaborative, progressive, and high-performing team
• Flexible work/life balance options including a hybrid-remote working environment
• Opportunities to do challenging work
• Opportunities to take on progressively greater accountabilities
• Opportunities to build close relationships with various cyber security teams

• Address: 410 GEORGIA ST W, FLOOR 3: VANCOUVER
• City: Vancouver
• Country: Canada
• Work hours/week: 37.5
• Employment Type: Full time
• Platform: TECHNOLOGY AND OPERATIONS
• Job Type: Regular
• Pay Type: Salaried
• Posted Date: 2024-11-22
• Application Deadline: 2025-10-03
• Note: Applications will be accepted until 11:59 PM on the day prior to the application deadline date above
• Inclusion and Equal Opportunity Employment: At RBC, we believe an inclusive workplace that has diverse perspectives is core to our growth. RBC strives to deliver this through policies and programs intended to foster a workplace based on respect, belonging and opportunity for all.

Join our Talent Community. Stay in-the-know about great career opportunities at RBC. Sign up and get customized info on our latest jobs, career tips and Recruitment events that matter to you. Expand your limits and create a new future together at RBC. Find out how we use our passion and drive to enhance the well-being of our clients and communities at RBC jobs.