About The Position

The Senior Compliance Analyst, Corporate Security Management (GLOBAL SECURITY) role involves contributing to the design and execution of compliance testing protocols, validating controls, and managing regulatory evidence. The position requires monitoring adherence to policies, identifying gaps, and preparing compliance reports. It also involves engaging with various functional teams to understand control designs, clarify requirements, and obtain evidence, while communicating compliance expectations clearly.

Requirements

  • 4+ years of compliance, internal audit, governance, or risk experience in financial services or banking.
  • Experience with control design, compliance testing methodology, and evidence documentation.
  • Knowledge of regulatory frameworks relevant to physical security, insider risk, and/or vendor risk management (OSFI, ISO 27001, NIST, SOC 2, GDPR, CSA, PIPEDA, SOX, or equivalent).
  • Familiarity with enterprise-level GRC and supplier risk tools (e.g., Archer, ServiceNow, or similar).
  • Strong written and oral communication skills; ability to translate technical compliance concepts for diverse audiences.
  • Detail-oriented with strong organizational and project management capabilities.

Nice To Haves

  • CIA (Certified Internal Auditor), CISA, or equivalent professional certification.
  • Experience in a corporate security or physical security compliance environment.
  • Experience working in a matrixed organization with global teams and varied regulatory jurisdictions.

Responsibilities

  • Contribute to the design of, and execute, compliance testing protocols across assigned functional areas in accordance with approved testing methodologies.
  • Validate that key and non-key controls are documented, operate as designed, and produce evidence aligned with regulatory and policy expectations.
  • Document testing results and control observations in audit-ready formats; escalate exceptions and control gaps to AD CSM GRC.
  • Advise on control framework maturity and regulatory alignment; recommend enhancements to AD CSM GRC.
  • Establish and maintain evidence repositories for assigned regulatory requirements (e.g., OSFI guidance on physical security, insider threat frameworks, vendor risk standards).
  • Conduct periodic evidence collection, organizing and preserving audit trails, ensuring evidence is complete, current, and appropriate.
  • Monitor functional teams' adherence to enterprise policies and standards, as well as CSM procedures and guidelines.
  • Identify gaps / variances between policy requirements and operational practice; document findings and recommend remediation timelines.
  • Track progress of remediation activities and validate issue closure.
  • Prepare compliance status reports on internal audit issues, regulatory exams, self-identified issues, etc. for GRC leadership (as required).
  • Support audit fieldwork and inquiries.
  • Partner with functional team leads (Physical Security, Employee and Executive Protection, Incident Management, Physical Security Operating Centre and Insider Risk) to understand control design, clarify requirements, and obtain evidence.
  • Communicate compliance expectations, timelines, and findings in clear, actionable terms.
  • Translate approved Policies and Standards into testable control criteria to support compliance assessment activities.