Lead defensive threat research on generative and agentic AI systems at RBC. Identify emerging threats and develop proof - of - concept exploits to enhance AI security.
IN
IT Internal Audit Assistant Manager – Technology Infrastructure Security
Posted 4 days ago
About the role
- IT Internal Audit Assistant Manager leading audits across cybersecurity and technology infrastructure. Collaborating within a global team to enhance control environments and risk resilience.
Responsibilities
- Plan and execute complex, risk-based IT audits that strengthen our control environment, protect critical assets, and improve resilience.
- Lead audits across cybersecurity, technology infrastructure, network operations, and cloud environments, leveraging data analytics and automation to enhance coverage and insight.
- Operate within a global team where participation and value-add are key to the success of Corporate Audit Services and adherence to IIA Standards and internal methodology.
- Plan and develop audit scope, programs, and procedures using risk-based methodologies; apply control frameworks (NIST CSF, CSA Controls, Mitre Att&ck) and map tests to regulatory expectations.
- Manage projects (budget, timelines); review working papers for quality; coach and provide guidance to staff; ensure robust issue grading with clear root-cause analysis and risk articulation.
- Help lead or support audit team in kick-off and closing meetings, effectively communicate audit objectives, scope, findings, and recommendations to management.
- Work with business stakeholders on findings follow-ups to ensure implementation of recommendations.
- Prepare crisp, concise audit reports for review by Senior Managers, Directors, and Chief Auditor.
- Use data analytics (e.g., SQL, Python, Power BI) to test controls at scale and produce meaningful visuals to aid reports.
- Participate in the development and modifications of the audit practices and tools as well as department initiatives.
- Foster risk and control awareness across the organization by working with management and other line of defense functions.
Requirements
- Post secondary in Information Technology, Cybersecurity, Computer Science, or a related field is required
- Minimum 3 years of IT auditing experience, preferably within large public organizations or external audit firms.
- Recognized professional designations (e.g., CIA, CISA, CCSK, CCSP, CISSP, CISM, PMP).
- Cybersecurity skills and hands-on audit experience covering security operations, IAM/privileged access, cloud security (AWS/Azure/GCP), and infrastructure/network controls, is required.
- Working knowledge of control frameworks and regulatory expectations (e.g., NIST CSF, ISO 27001, CIS Controls, COBIT; OSFI, SOC 2).
- Experience using data analytics tools and scripting (e.g., SQL, Python, Power BI) to support audit analytics and automated testing.
- Strong project management skills and solutions-driven
- Versed in audit methodologies
- Excellent written and communication skills
- Experience using data analytics tools
- Prior insurance industry experience is an asset.
Benefits
- Flexible work arrangements and a hybrid work model
- Possibility to purchase up to 5 extra days off per year
- Multiple benefits offered to support physical and mental wellbeing, including telemedicine, Wellness account and much more
- Share plan & other savings: up to 12% of salary or even more (ask how you could earn guaranteed income for life)
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Report this job
Found something wrong with the page? Please let us know by submitting a report below.
System Security Administrator managing and securing eStruxture's IT infrastructure. Collaborating on security projects and ensuring operational excellence in data centers.
Bug Bounty Security Researcher identifying and reporting vulnerabilities in software applications and systems for Inspectiv. Contributing to improving security and participating in bug bounty programs.
Information Security Engineer safeguarding digital infrastructure at Forward Financing. Building automation workflows and enhancing security measures through proactive solutions and incident response.
Software Engineer focusing on security features for AI systems at Cohere, contributing to production security and secure coding practices.
Senior Security Engineer supporting end - to - end security architecture and compliance for healthcare AI startup. Designing Azure security solutions and partnering with engineering teams for integrated security throughout SDLC.
Security Engineer at Asymmetric Research specializing in security for L1/L2 blockchains and DeFi protocols. Design controls, conduct audits, and analyze vulnerabilities in Rust - based platforms.
Coordonnatrice en santé et sécurité au travail chez EXP, contribuant à la prévention et à la formation. Collaborant avec les équipes pour maintenir un environnement de travail sûr.
Senior Manager, IAM Control Assurance supporting identity and access management compliance within a global financial organization. Collaborating with cross - functional teams for regulatory and audit compliance.
Information Security Engineer at Deel ensuring cybersecurity for global operations. Act as SME in implementing security tools and frameworks across remote endpoints and cloud assets.