Security Analyst, Triage and Monitoring

What is the opportunity?
You will be a key member of the Threat Monitoring and Triage team as an experienced Security Analyst. You will provide technical expertise and leadership support to the proactive and reactive responses to cyber threats targeting RBC's global environment. You will focus on performing first‑line investigation and response actions, including triaging security detections and escalating security incidents. You will also maintain awareness of emerging and advanced threats and drive efficient security solutions to address the evolving threat landscape. This position will partner with Global Cyber Security (GCS) stakeholders and leadership to achieve the organisation's Intelligence‑led Security and Resilient Services objectives.

RBC expects all employees and contractors to work in the office with some flexibility to work up to 1 day per week remotely, depending on working arrangements.

• You will respond to and investigate complex security detections across multiple environments and technologies in a timely manner.
• Provide 7/24 support (rotational basis) for high severity incidents escalated from security vendors, security partners and the business.
• Perform technical investigation and triage activities of security alerts based on potential impact and risk to the organization.
• Escalate confirmed threats to SOC management and the Incident Response team as required based on criticality.
• Maintain awareness of detection trends and alert metrics to enhance our security controls and overall defensive strategy.
• Derive insights from day‑to‑day cyber investigations to identify security gaps and improve the organization's security posture.
• Partner with detection engineers to enhance security monitoring rules and reduce false positive alerts.
• Assist in the proactive hunting of unknown threats and suspicious activities within the environment as required.

• Bachelor’s degree in computer science and/or IT related disciplines.
• Certifications in information security preferred (CISSP, GCIA, GCIH, GREM, CEH).
• Proven experience in a SOC environment.
• Significant experience in performing investigation and triage activities of security events.
• Exposure to malware and sandbox analysis.
• Robust computer networking and OS knowledge.

• Experience with SOAR platforms.
• Familiarity with threat hunting techniques and scenarios.
• Knowledge in detection engineering.
• Understanding of current threat landscape and threat actor TTPs.
• Experience with scripting languages (PowerShell, Python, regex, Bash, etc.).
• Industry recognized certifications from ISC2, SANS, ISACA, etc.

• Help to develop the ethos and environment of a new team.
• Leaders who will support your development through coaching and managing opportunities.
• Have the opportunities to work with the best in the field.
• Ability to make a difference and lasting impact.
• Work in a dynamic, collaborative, progressive, and high‑performing team.

Applications will be accepted until 11:59 PM on the day prior to the application deadline date above.

At RBC, we believe an inclusive workplace that has diverse perspectives is core to our continued growth as one of the largest and most successful banks in the world. Maintaining a workplace where our employees feel supported to perform at their best, effectively collaborate, drive innovation, and grow professionally helps to bring our Purpose to life and create value for our clients and communities. RBC strives to deliver this through policies and programs intended to foster a workplace based on respect, belonging and opportunity for all.