Associate Director - Cyber & IT Risk
About The Position
Reporting to the Director, Technology Strategy within Group Risk Management Enterprise Resilience Risk (ERR), you will lead Second Line of Defense engagement across all Regulatory Examinations and Regulatory Issue Remediation. This role involves collaborating with global Cyber and Technology Risk, Business Regulatory & Issues Management, US Regulatory Relations, and Global IT Risk (encompassing Global Cyber Security, Technology & Operations) to ensure compliance with regulatory examination requirements across first and second lines of defense. This position offers a high-profile opportunity to work within a dynamic framework, providing broad exposure to Technology and Operational Risk Management.
Requirements
- Undergraduate degree in Technology or Business, followed by a minimum of 7 years of progressively responsible experience in Technology, IT Risk, or IT Internal Audit, including risk analysis and reporting roles.
- Detail-oriented, operationally focused, and action-driven mindset with a commitment to continuous improvement.
- Demonstrated knowledge of regulatory compliance and risk management within the financial services industry.
- Strong interpersonal, influencing, and communication skills, with the ability to effectively engage stakeholders, regulators, and cross-functional teams.
Nice To Haves
- Experience within a large, global financial services organization.
- Certifications such as CISSP, CRISC, or other Information Security credentials.
- 5 years of dedicated IT risk management experience.
- Working knowledge of GRC tools (e.g., Archer, ServiceNow).
Responsibilities
- Perform review and challenge for all regulatory submissions to ensure accuracy, validity, completeness, and alignment with internal RBC policies, standards, and regulatory requirements.
- Identify areas for improvement through regulatory submission analysis, communicating issues, risks, and control gaps to the broader Second Line of Defense team and subject matter experts to facilitate targeted remediation efforts.
- Coordinate and draft Second Line of Defense Regulatory Exam First Day Letter Requests.
- Plan, execute, and deliver Second Line oversight, review, and challenge for regulatory workstreams within the US.
- Partner with senior leaders in US Operations and Global Technology to ensure integrated regulatory remediation activities.
- Ensure traceability of remediation outputs to root causes and regulatory responses, securing appropriate governance signoffs as necessary.
- Perform review and challenge for regulatory remediation activities to validate alignment with corrective actions and verify documentation of remediation efforts.
- Track and report on trends and gaps within regulatory activity and submissions.
Benefits
- Opportunities to do challenging work utilizing latest technologies
- Opportunities to see measurable results in relatively short term
- Opportunities to take on progressively greater accountabilities
- Opportunities to building close relationships with counterparts across the bank
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
