At a Glance
- Tasks: Manage IT risks and collaborate with teams to enhance risk processes.
- Company: Join RBC, a leading global bank with a focus on innovation.
- Benefits: Enjoy competitive pay, flexible benefits, and a supportive work environment.
- Other info: Opportunities for growth and a world-class training programme await you.
- Why this job: Make a real impact in a dynamic team while developing your career.
- Qualifications: Experience in IT or finance, strong communication skills, and relevant certifications.
The predicted salary is between 70000 - 90000 £ per year.
The IT Risk & Control team, embedded in WII Business Technology T&O, serves as the 1st Line of Defense (1B) for WII IT risks, covering Investor Services and Wealth Management in Europe and Asia. This role supports the implementation of IT Risk Policies and Standards, processes IT Risk Issues in the Archer system, and assists with gap analysis and control design. It provides technical risk advice, ensures IT Risk processes are up-to-date, and partners with stakeholders like application custodians and T&O teams. Additionally, it offers ad-hoc support for Operational Risk Management programs and projects.
This is a permanent, full-time role and requires 4 days in the office at our 10 Fenchurch Avenue, London office.
What will you do?
- IT Risk Issue Management
- Work with IT teams to identify and document risk on the Enterprise Archer system (Risk register).
- Manage own findings portfolio as reviewer (initial review and approval, control over life cycle of risk remediation and risk acceptance, support to risk owners to mitigate slippages).
- Responsible for providing day-to-day support to the application towers with respect to IT risk advice and counsel.
- Continuously mature Issue Management processes and procedures to support the I&TS IT strategy.
- Support Director and SLT management on the appropriate treatment of technology risks.
- IT Risk Policies and Standards Support / Regulatory
- Lead and coordinate Internal and External audits for assigned LOBs as IT Risk Lead.
- Support Applications owners and custodians in understanding, executing, and maintaining the policies, standards, processes and tools to support requests from the broad T&O Operational risk community.
- Drive and support the technical environment in complying with key IT Risk policies, processes, and requirements both by engaging with internal teams and technology partners.
- Conduct and review gap analysis as directed.
- Lead the execution of Operational Risk initiatives as required.
- Risk Identification, Assessment and Measurement
- Conducts and/or supports Risk and Control Assessments, IT Risk Assessments, and other Centre of Governance assessments according to the Enterprise Operational Risk Standard.
- Execute self-assessment and gaps identification against new regulations.
- Project and new initiatives risk assessment.
- Acting as 1st level of review for the assessment of risks stemming from new initiatives and projects.
- Review and approval of Integrated Risk Profile (IRP) & IT Risk Triage.
- Reporting & Analytics
- Monitor on an ongoing basis various report and provide commentary on breaches.
- AI Transformation Priorities
- AI Tool Adoption for Risk: Deploy AI-driven solutions (e.g., anomaly detection, predictive risk analytics) to proactively identify and mitigate threats, ensuring quantifiable risk reduction and operational efficiency gains.
- AI Risk Management: Establish robust frameworks to address AI-specific risks, including model bias, data privacy, and algorithmic transparency, ensuring compliance with emerging regulatory standards.
- Business Partner Enablement: Collaborate with technology and business units to integrate AI risk tools into decision making processes, driving adoption, measuring value (e.g., reduced incident rates), and fostering a risk-aware culture.
- Region Specific activities
- Represent 1st line Application risk in selected RBC risk forum.
- Creation of risk reporting material and presentation in internal Risk forums.
What do you need to succeed?
Must-Have
- Extensive experience in the IT or financial services industry, demonstrating deep domain expertise.
- Relevant professional designation (e.g., CRISC, CISA/ISACA, PRMIA) to validate technical and risk management competencies.
- Strong understanding of the Application Lifecycle, including roles and responsibilities across the process.
- Proven ability to influence and collaborate with senior managers and operational risk groups across RBC.
- Exceptional communication skills (verbal and written), with a focus on relationship management and stakeholder engagement.
- Proficiency in PC and database tools, ensuring technical capability to support risk management activities.
Nice-to-Have
- University degree and/or Information Security Certification (e.g., CISSP, CISM).
- Familiarity with Archer or similar risk management tools for efficient issue tracking and reporting.
- Strong facilitation skills to lead discussions and drive alignment across teams.
- In-depth knowledge of RBC’s organisational structure, T&O processes, and compliance frameworks.
- Self-motivated with excellent time management and organisational skills to handle multiple priorities.
- Strong analytical and problem-solving skills, including qualitative and quantitative analysis capabilities.
- Understanding of organisational change management to support risk-related initiatives.
- Familiarity with IT risk/compliance frameworks (e.g., COSO, COBIT) to ensure alignment with industry standards.
What is in it for you?
We thrive on the challenge to be our best - progressive thinking to keep growing and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.
- A comprehensive Total Rewards Program including bonuses, flexible benefits and competitive compensation.
- Leaders who support your development through coaching and managing opportunities.
- Opportunities to work with the best in the field.
- Ability to make a difference and lasting impact.
- Work in a dynamic, collaborative, progressive, and high-performing team.
- A world-class training program in financial services.
StudySmarter Expert Advice🤫
We think this is how you could land Senior Manager, IT Risk & Control , Wealth Management Europe (London)
✨Get Involved in the Cybersecurity Community
Diving into the cybersecurity community is key for landing that full-time gig. Join forums like Reddit's r/cybersecurity or attend local meetups to connect with industry veterans and other job seekers. Networking is everything in this field—don’t just be a passive lurker!
✨Show Off Your Skills with Capture the Flag Competitions
Participate in Capture the Flag (CTF) competitions; these are not just a fun way to boost your skills but also a chance to showcase your talent to potential employers. Many companies, including Royal Bank of Canada, love seeing candidates who actively engage in these challenges.
✨Tailor Your Online Presence
Make sure your LinkedIn and any professional profiles reflect your cybersecurity expertise. Share your projects, whether they’re personal or from a previous role, to catch the eye of hiring managers. This is how they’ll find your passion and commitment to the field!
✨Apply Directly Through Royal Bank of Canada
Don’t forget to head straight to our website and check out any openings for cybersecurity roles at Royal Bank of Canada. Applying directly can sometimes give you an edge, especially if you can mention that you've been following our work or engaging in the community.
We think you need these skills to ace Senior Manager, IT Risk & Control , Wealth Management Europe (London)
Some tips for your application 🫡
Show off your technical skills:In cybersecurity, it's crucial to highlight your technical prowess. Make sure your CV showcases specific skills like network security, penetration testing, or threat analysis. If you have relevant certifications (like CEH or CISSP), pop those on the front page to grab attention!
Tailor your portfolio for the role:Even for a full-time role, a portfolio can set you apart. If you've worked on any cybersecurity projects—be it CTF challenges, security assessments, or research papers—include these in your application. This demonstrates not just your skills, but also your hands-on experience!
Use real-world examples:When writing your cover letter, don’t just stick to your qualifications. Share real-world examples of how you’ve tackled security issues or vulnerabilities. This gives the hiring team at Royal Bank of Canada insight into your practical problem-solving abilities and makes your application memorable.
Demonstrate your passion for cybersecurity:Cybersecurity is an ever-evolving field, so show us that you’re always learning! Mention any recent courses, webinars, or industry events you’ve attended. This not only exhibits your enthusiasm but also signals to Royal Bank of Canada that you’re committed to staying ahead in the game.
How to prepare for a job interview at Royal Bank of Canada
✨Sharpen Your Technical Skills
For a role in cybersecurity, it’s essential to be up-to-date with the latest tools and techniques. Brush up on your knowledge of firewalls, intrusion detection systems, and vulnerability assessment tools. Be ready to discuss specific scenarios where you’ve applied these skills, as hands-on experience can really set us apart in interviews.
✨Prepare for Scenario-Based Questions
Expect the interviewers at Royal Bank of Canada to throw in some hypothetical situations to see how you’d handle them. Think about common security breaches or incidents and be prepared to explain how you would respond. This not only shows your problem-solving skills but also your understanding of real-world cybersecurity challenges.
✨Highlight Your Certifications
Certifications like CompTIA Security+, CISSP, or CEH can give you a significant edge in a full-time role in cybersecurity. Make sure to mention these during your interview and be prepared to discuss what you learned through those certifications and how they relate to the position at Royal Bank of Canada.
✨Show Your Passion for Cybersecurity
Since you’re going for a full-time gig, showing genuine enthusiasm for the field can make all the difference. Share any personal projects, blogs, or communities you’re part of that relate to cybersecurity. This not only showcases your passion but also your commitment to staying engaged in this ever-evolving field.