Sr. Manager – Cloud Compliance
Company | Royal Bank of Canada |
---|---|
Location | Toronto, ON, Canada |
Salary | Not Provided |
Type | Full-Time |
Degrees | |
Experience Level | Senior |
Requirements
- 5+ years in the IT compliance, governance, assurance, or financial services industry
- CCSK, CCSP or similar cloud or IT certification (CPA combined with IT experience also considered an asset)
- Experience with AWS, Azure and Google
- Strong knowledge of Information Security standards and frameworks (NIST series, ISO 27000 series, CSA, etc.)
- In-depth experience with regulatory compliance programs (like OSFI, GDPR, FBA, FedRAMP/FISMA, HIPAA, SOC 2, PCI, etc.) and audit procedures
- Maturity level and skill/judgment to effectively manage peers and operational risk groups throughout the organization
- Experience developing control libraries and working with GRC (Governance, Risk & Compliance) tools
- Relevant certifications such as AWS Certified Solutions Architect, Google Cloud Professional Cloud Architect, Azure Solutions Architect, or CCSK
- Excellent communication (verbal and written) skills, including strengths in relationship management, influencing and negotiation
- Sound problem solving, analytical (including qualitative analysis), research, and quantitative skills
- Strong leadership skills and proven ability to manage high performing cross functional groups.
Responsibilities
- Provide risk management services to Product, Engineering, Operations, DevOps, Security, application development and support teams. Risk management services include the following: IT & operational risk analysis, risk & compliance exposure reporting, advisory & consultation on new activities, formal communication with regulators and auditors, and risk awareness training.
- Drive transformation of compliance and risk management using modern and up-to-date guidance from relevant groups and industries. Advise on, develop, and implement processes around risk identification, assessment, and remediation.
- Establish plans and roadmaps that include automation, self-service enablement and continuous improvement of risk management and audit readiness in conjunction with cloud teams; balancing compliance and risk management while also improving agility.
- Support consultation on and lead implementation of cloud policy, standards, guidelines, and tools.
- Create and monitor an awareness and training program throughout the cloud organization to ensure proactive risk practices are maintained.
- Interact with business and IT leaders within T&O to proliferate awareness and shared accountability for Cloud risk management and compliance.
- Act as the key representative in controls workshops with internal/external auditors and regulators. Lead and/or participate in and complete internal bank risk activities such as RCSAs, Quantitative Risk Assessments, etc.
- Provide subject matter expertise of appropriate enterprise programs, policies, and procedures to be compliant with all applicable regulators/regulations, such as SOX, OSFI, OCC, FINRA and FRBNY. Proactively assess readiness for upcoming exams and prioritize remediation activities.
- Consult in T&O compliance/audit standards for assessing impact to T&O. Stay up to date on changing regulatory standards for external reporting that impact T&O.
- Along with your peer Sr. Managers, support/share the management of audit engagements end-to-end (e.g., planning, scoping, kick-off, fieldwork, rebuttals, drafting remediation plans, etc.).
Preferred Qualifications
- Prior experience with automation and self-serve enablement of IT processes considered an asset.
- Experience working in financial services or other regulated industries.