Senior Compliance Analyst (Global Security)

Royal Bank of Canada•Toronto, ON

1d•Onsite

About The Position

The Senior Compliance Analyst (Global Security) role involves designing and executing compliance testing protocols, maintaining regulatory evidence catalogs, and monitoring functional teams' adherence to Corporate Security Management policies. This position requires documenting control testing results, tracking remediation progress, and preparing compliance status reports for various stakeholders. The analyst will partner with leaders in Physical Security, Employee Protection, and Insider Risk to clarify control designs and provide evidence, while also advising on control framework maturity and recommending enhancements aligned with regulatory expectations.

Requirements

4+ years of compliance, internal audit, or risk experience in financial services or banking
Proven expertise in control design, compliance testing methodology, and evidence documentation
Strong knowledge of regulatory frameworks (OSFI, ISO 27001, NIST, SOC 2, GDPR, PIPEDA)
Proficiency with enterprise GRC and supplier risk tools (Archer, ServiceNow, or similar platforms)
Excellent written and verbal communication skills with ability to translate compliance concepts for diverse audiences

Nice To Haves

CIA (Certified Internal Auditor), CISA, or equivalent professional certification
Direct experience in corporate security or physical security compliance environments
Background working in matrixed organizations with global teams and varied regulatory jurisdictions
Experience with insider risk or vendor risk management frameworks

Responsibilities

Design and execute compliance testing protocols to validate key and non-key controls across assigned functional areas
Maintain regulatory evidence catalogs (OSFI guidance, insider threat frameworks, vendor risk standards) through periodic collection and organization
Monitor functional teams' adherence to Corporate Security Management policies and identify gaps between policy requirements and operational practice
Document control testing results and observations in audit-ready formats; escalate exceptions and control gaps to GRC leadership
Track remediation progress from identified compliance gaps and validate closure
Prepare compliance status reports for internal audit, external regulators, and GRC leadership
Partner with Physical Security, Employee Protection, and Insider Risk leaders to clarify control design and obtain supporting evidence
Advise on control framework maturity and recommend enhancements aligned with regulatory expectations