Sr. Manager, Infrastructure & Risk Center of Excellence (COE)

Job Description

The Sr. Manager, Infrastructure & Risk Center of Excellence (COE) will play a critical role in supporting a newly formed technology risk management (1A) team within the Bank’s Technology Infrastructure (TI) organization. This role will collaborate with IT departments (e.g., cloud, mainframe, database, middleware, operations, DR), enterprise risk and security teams and 2LOD to transform the existing 1st line risk practices and bring forward the TI organization’s risk profile. The position ensures compliance with regulatory, internal risk, and audit expectations while fostering a culture of proactive risk management across the IT organization and supporting the achievement of TI’s strategy.

What will you do?

• Develop and oversee the enhancement of the current IT risk assessment processes managed by the group, ensuring appropriate coverage of IT Risk Management framework and US and CAD regulatory requirements.

• Monitor emerging threats and trends within the technology landscape, including but not limited to, cyber, operational and third-party risks.

• Provide ongoing assessment of IT risk strategies, frameworks and processes to ensure continued alignment with emerging trends and regulatory expectations.

• Define, implement and monitor risk assessment methodologies and monitoring tools to identify technology related risks.

• Conduct regular risk assessments and gap analysis to identify potential weaknesses in IT controls and recommend appropriate remediation strategies.

• Collaborate with Controls Analysis & TI Risk COEs to ensure assessment processes are efficient while supporting the advancement of TI by driving smart, risk-based decisions by IT partners.

• Establish key metrics and reporting capabilities to effectively evaluate IT-related risks dependent on RBCs overall environment.

• Partner and build strong relationships with IT business partners to assist, educate and proactively identify risks associated with IT activities.

What do you need to succeed?

Must have:

• Minimum of 7 years in an IT Risk Management capacity, across any of the 3 lines of defense, with a strong focus on mitigation and remediation.

• Strong understanding of risk management frameworks and standards across the US or Canada (e.g., regulatory compliance, enterprise risk, internal controls, SOX, ITGC); expertise with UK and APAC regulators, considered beneficial.

• Understanding of various infrastructure and middleware platforms such as cloud, mainframe, middleware, database, operations.

• Demonstrated ability to design and implement processes to manage risk management and risk remediation work with delivery of actionable risk reporting.

• Exceptional relationship-building skills, with the ability to collaborate across diverse functions and levels of the organization.

• Strong analytical and problem-solving skills, with the ability to create scalable, repeatable processes that simplify risk management in IT operations.

• Passionate about improving the risk management experience while delivering on commitments and expectations from risk stakeholders.

• Experience managing and prioritizing multiple risk remediation projects simultaneously.

• Deep desire to support training and education of others and self.

• Industry framework knowledge, i.e., NIST, COBIT, FedRAMP, FFIEC.

Nice to have:

• Industry related certifications, i.e., CISA, CPA, CA, CRISC, CISM, CISSP etc.

What’s in it for you?

We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.

• A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable.

• Leaders who support your development through coaching and managing opportunities.

• Ability to make a difference and lasting impact.

• Work in a dynamic, collaborative, progressive, and high-performing team.

• A world-class training program in financial services.

#LI-POST

Business Continuity and Disaster Recovery (BCDR), Cost-Benefit Analysis (CBA), Cyber Security Management, Firewall Management, Information Security Management, IT Network Security, Operational Delivery, Problem Management, Process Management, Threat Management

Address: RBC CENTRE, 155 WELLINGTON ST W, TORONTO

City: Toronto

Country: Canada

Work hours/week: 37.5

Employment Type: Full time

Platform: TECHNOLOGY AND OPERATIONS

Job Type: Regular

Pay Type: Salaried

Posted Date: 2025-09-19

Application Deadline: 2025-10-31

Note: Applications will be accepted until 11:59 PM on the day prior to the application deadline date above

Inclusion and Equal Opportunity Employment

At RBC, we believe an inclusive workplace that has diverse perspectives is core to our continued growth as one of the largest and most successful banks in the world. RBC strives to deliver this through policies and programs intended to foster a workplace based on respect, belonging and opportunity for all.

Join our Talent Community

Stay in-the-know about great career opportunities at RBC. Sign up and get customized info on our latest jobs, career tips and Recruitment events that matter to you. Expand your limits and create a new future together at RBC. Find out how we use our passion and drive to enhance the well-being of our clients and communities at RBC’s careers site.