Senior Manager, Insider Risk - Asset Protection (Global Security)
Royal Bank of Canada
Prepare for this role
Job Type
Description
Job Description
What is the Opportunity?
The Senior Manager, Insider Risk - Asset Protection (Global Security) is a critical role that r focuses on identifying, assessing, and protecting digital assets including applications across RBC.
In this position, you will ensure RBC maintains adequate logging and monitoring controls to effectively mitigate insider threats and protect against unauthorized access and misuse of sensitive data and systems.
You will work with a diverse range of stakeholders to design, implement, and validate control frameworks while maintaining independence and objectivity in your risk assessments. A key part of the role will be ongoing control reviews and oversight, engaging with technical and business teams to enhance control coverage based on the likelihood of potential exposure.
You will be responsible for ensuring risks and controls are managed, sustainable, and maintained at the highest standards. The role will also be responsible for aggregating risk reporting and metrics while socializing these across risk and governance functions.
What will you do?
Identify insider threat vulnerabilities and control gaps across the organization, with particular focus on unauthorized access, data snooping, and non-business use of systems
Assess the effectiveness of existing logging and monitoring controls and evaluate risk exposure related to data access, privileged user activities, and sensitive system usage
Conduct regular reviews of higher-risk application areas (including "crown jewels") to ensure compliance with protections, policies, and standards and verify appropriate user activity logging for investigation support
Establish baseline metrics and KRIs (Key Risk Indicators) for control effectiveness and conduct regular testing of logging systems (integrity, completeness, accuracy)
Monitor alert thresholds, investigate control failures, and perform independent testing and validation of monitoring systems to ensure continued effectiveness
Identify and address logging and monitoring gaps across all applications; assess risks from gaps (account takeover, unauthorized client record access) and implement strategies to mitigate
Track and manage issues and findings to ensure timely remediation; assign clear ownership of logging responsibilities and hold stakeholders accountable for gap resolution
Report on control performance, metrics, to risk committees, governance forums, and executive stakeholders; present risk assessments and control recommendations across different lines of business
Collaborate with senior managers and cross-functional teams to establish consistent reporting structures and ensure standardized monitoring approaches
Act as a trusted partner to business and application stakeholders while maintaining objectivity; develop strong relationships with risk and operational partners across the organization
What do you need to succeed?
Must have:
Minimum 5+ years of progressive experience in risk management, control design, or internal audit within a financial institution.
Demonstrated experience reviewing logs, identifying suspicious patterns, and validating the completeness and accuracy of logging configurations is required. You should understand log retention policies, log integrity mechanisms, and how to leverage logs for forensic investigations and incident response.
Comprehensive understanding of data protection risks, exposures, and effective controls to mitigate them, specifically in financial services environments. This includes knowledge of data classification frameworks, access control principles, data residency requirements, and regulatory compliance obligations (PIPEDA, PCI-DSS).
Hands-on experience with logging, monitoring, and detection technologies across enterprise applications. You should have practical knowledge of SIEM (Security Information and Event Management) platforms, log aggregation tools, and monitoring solutions.
Demonstrated expertise in identifying control gaps, designing compensating controls, and implementing sustainable risk mitigation strategies
Advanced proficiency in developing and maintaining risk metrics, KPIs, and performance dashboards for executive-level risk reporting and governance forums.
Experience with tools such as Tableau, Power BI, Excel
Excellent stakeholder management and communication skills- must be comfortable presenting risk findings and recommendations to executives, challenging gaps, and building consensus around remediation timelines
Nice to have:
Knowledge of insider threat management, behavior-based monitoring, and detection technologies
Industry-related certifications ( CISSP, CISA, CRISC)
What’s in it for you?
We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.
A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable
Leaders who support your development through coaching and managing opportunities
Ability to make a difference and lasting impact
Work in a dynamic, collaborative, progressive, and high-performing team
A world-class training program in financial services
Opportunities to do challenging work
#LI-POST
#TechPJ
Job Skills
Audits Compliance, Critical Thinking, Data Gathering Analysis, Decision Making, Financial Regulation, Industry Knowledge, Interpersonal Relationship Management, Product Services, Risk Management, Strategic ThinkingAdditional Job Details
Address:
City:
Country:
Work hours/week:
Employment Type:
Platform:
Job Type:
Pay Type:
Posted Date:
Application Deadline:
Note: Applications will be accepted until 11:59 PM on the day prior to the application deadline date above
Our Employment Opportunities
At RBC, we are guided by living shared values of Client First, Integrity, Collaboration, Respect and Excellence and winning together as One RBC. We believe an inclusive workplace that has diverse perspectives is core to our continued growth as one of the largest and most successful banks in the world. Maintaining a workplace where our employees feel supported to perform at their best, effectively collaborate, drive innovation, and grow professionally helps to bring our Purpose to life and create value for our clients and communities. RBC strives to deliver this through policies and programs intended to foster a workplace based on respect, belonging and opportunity for all.
Join our Talent Community
Stay in-the-know about great career opportunities at RBC. Sign up and get customized info on our latest jobs, career tips and Recruitment events that matter to you.
Expand your limits and create a new future together at RBC. Find out how we use our passion and drive to enhance the well-being of our clients and communities at jobs.rbc.com.
RBC is presently inviting candidates to apply for this existing vacancy. Applying to this posting allows you to express your interest in this current career opportunity at RBC. Qualified applicants may be contacted to review their resume in more detail.
This job is found at InterviewStack.io
Skills
About Royal Bank of Canada
Royal Bank of Canada (RBC) is a leading Canadian financial institution offering diversified financial services including personal and commercial banking, wealth management, insurance, investor services, and capital markets products and services. RBC operates globally with a strong presence in Canada, the United States, and internationally.