Job Title- Specialist, Risk & Audit Management

Job Mandate- As part of the Cloud & Transformation Team, your role is to support the Cloud Program in the risk and audit management areas. You will partner and collaborate with all Cloud Stakeholders including but not limited to Cloud and business partners. You will be responsible for creating and maintaining a Cloud Risk & Audit Book of Record, testing & documentation of controls and providing up to date Risk and Audit reporting capabilities. This role requires the following skills: project management, control testing, relationship building, facilitation and coordination with business partners, vendors, cloud service providers, external/internal auditors and key stakeholders across the enterprise.

Primary Responsibilities – 

Individual contributor with advanced understanding of risk exposure reporting, control testing & documentation, providing risk & audit management services to: the Cloud Teams, Engineering, application development and support teams. Services provided by the broader team cover IT & operational risk analysis, risk & compliance exposure reporting, risk awareness & advisory and regulatory response. 

Advise on, develop, implement processes around risk & control identification, assessment, and remediation, including control testing, issues management, exception management, vendor risk management policy management, and security incident and vulnerability response

Overall Responsibilities:

For the Cloud portfolio, support the Cloud Compliance team with the audit planning, risk management and continuous risk monitoring activities

Support the Cloud teams through end-to-end life cycle of individual audits and special reviews. Assurance work includes operational, regulatory compliance, risk (Third party, Applications, etc.) and special projects, as requested by the Bank’s Senior Management

Create a central repository for all documentation and risk artefacts related to the Cloud Services and the Cloud Team. This repository is to become the Cloud Audit Book of Records to be used with all audit and regulatory exams.

Assess effectiveness of internal controls, risk management practices and governance processes in order to draw conclusions to complete the audit programs.

For the portfolio of businesses, maintain stakeholder relationships to successfully carry out continuous risk monitoring activities, as well as provide insights to businesses as a trusted partner 

Provide independent, objective risk evaluation of the effectiveness of the corporate enterprise controls and governance processes in the RBC Cloud Services area

Help our internal stakeholders successfully identify and prevent risk. Our professionals act as “process engineers” – challenging existing structures and identifying opportunities for the business to strengthen their environment in alignment with their strategies.   

Once reviews are complete, you leverage your communication skills to provide insights to the business on their processes and drive enhancements to their risk management practices. 

Not a people management role (i.e. no direct reports).

Contribute to execution of audits and formal documents audit evidence, in accordance with Internal RBC guidelines. 

Develop and draft recommendations relating to the risk management program

Identifies the key risks and potential business impacts

Identify opportunities for incorporating advanced analytics by providing detailed and clear questions to the team Data Analytics Lead or Data Scientist.

Respond to stakeholder needs quickly and efficiently.

Build trusting relationships with Internal Audit peers and business partners.

Ability to work in a dynamically changing environment.

Audit engagements:

Consult in T&O compliance/audit standards for assessing impact to T&O. Stay up to date on changing regulatory standards for external reporting that impact T&O.

Responding to inquiries and RFIs from various audit bodies.

Maintaining backlog of Questions & Answers (i.e. auditor FAQs)

Reporting on risk – remediation plans and Acceptance findings from previous audit.

Issue Impact Analysis and Resolution

Consult in T&O issue action plan and impact assessment.

Review T&O issues and action plans for impact to T&O RACT processes and reports.

Participate in T&O RACT audits, establish, monitor, and resolve action plans.

Required:

4+ years in the IT, assurance, or financial services industry

Good knowledge of Risk management practices & Vendor management

Good knowledge of process improvement

Experienced in control testing methodologies.

Maturity level and skill/judgment to be able to deal effectively with senior individuals within RBC and operational risk groups throughout the organization

Good communication (verbal and written) skills, including strong appreciation of relationship management

Sound problem solving, analytical (including qualitative analysis), research, and quantitative skills

Strong attention to detail and project management skills

Good knowledge of RBC businesses, products and organization

Excellent PC and database skills

Preferred: 

Deep knowledge of Operational practices across RBC specific to T&O

Strong organizational awareness

Facilitation skills and practices

Strong knowledge of RBC’s organization, T&O processes and compliance

Self-discipline and organized with proven time management skills

Required Qualification: University/College graduate or equivalent 

Preferred: CCSP / CCAK / CISA / AWS, Azure or GCP technical certifications

RBC requires as a condition of employment that all successful candidates in the United States and Canada be fully vaccinated against COVID-19 prior to their start date, and may require proof of the same. Reasonable accommodation is available where required by law.

RBC exige, à titre de condition d'emploi, que tous les candidats retenus aux États-Unis ou au Canada soient entièrement vaccinés contre la COVID-19 avant leur date d'entrée en fonction. Il est possible qu'ils aient à présenter une preuve vaccinale. Des mesures raisonnables d'adaptation sont offertes lorsque la loi l'exige

JOB SUMMARY

City:  Toronto

Address:  330 Front Street West

Work Hours/Week:  37.5

Work Environment:  Office

Employment Type:  Permanent

Career Level:  Experienced Hire/Professional

Pay Type:  Salary + Variable Bonus

Position Level:  PL07 

Required Travel (%):  0

Exempt/Non-Exempt:  N/A

People Manager:  No