IAM Director managing customer-facing identity and access management security programs at RBC. Assessing risks, developing controls, and ensuring compliance with standards and regulations.
Responsibilities
Manage the day-to-day operations and effectiveness of RBC’s customer-facing identity and access management security programs
Assess risks associated with potential threats and develop controls to eliminate or minimize risks through CIAM product alignment
Design, create, and maintain enterprise-wide IAM control process models and frameworks aligned with RBC Standards and regulatory requirements
Lead periodic control testing activities across all customer IAM services, ensuring compliance with established policies and industry standards
Review and update IAM control procedures to ensure alignment with evolving regulatory landscapes
Conduct comprehensive analysis of audit findings and security risk assessments related to customer IAM controls
Provide recommendations and remediation strategies to address identified control gaps and security risks
Collaborate with internal audit, risk management, and compliance teams to support audit, regulatory, and third-party inquiries
Draft reports and presentations for executive forums to communicate IAM control status, risks, and strategic initiatives
Identify opportunities for cost savings and operational efficiencies in IAM control testing and assurance processes
Provide technical leadership and consultative services to business partners and application teams on customer IAM requirements
Monitor and report on IAM control compliance metrics, KPIs, and SLAs to ensure alignment with RBC risk appetite
Requirements
Minimum 6+ years in delivery or support roles within IT risk and controls
5+ years’ experience in IAM process modeling, controls implementation, and compliance
3+ years in customer identity and access management or related domains
Knowledge of regulatory frameworks and compliance requirements
Demonstrated experience in control testing methodologies and audit support
Change Leadership – ability to drive adoption of new IAM control standards and practices
Impact & Influence – capacity to influence stakeholders at all organizational levels
Achievement Motivation – drive to deliver results and continuous improvement
Business Acumen – ability to balance technical requirements with business needs
Analytical Thinking – strong capability to assess complex control environments and identify risks
Relationship Building – skill in developing and maintaining effective stakeholder partnerships
Conceptual Thinking – capacity to develop frameworks and strategic approaches to IAM controls
Experience with IAM products such as CyberArk PAS, SailPoint IdentityIQ, and Entra ID (nice-to-have)
Security Developer coordinating vulnerabilities and malware issues for the Python Software Foundation. Collaborating with teams to enhance security practices and document threat models.
Presales Security Expert supporting sales leads and educating customers on security at Fortinet. Responsible for technical resource during sales calls and post - sales training.
Lead AI Red Team focusing on adversarial testing and security for enterprise - scale AI systems. Collaborate with engineering and compliance to map vulnerabilities and document findings.
Intern in operational security at Investissement Québec, supporting security alert management and vulnerability tracking in a supervised learning environment.
IT Information Security Lead at Mirego, responsible for technology and information security management. Overseeing compliance and IT strategies while maintaining operational efficiency.
Cybersecurity Specialist focusing on offensive security for Exposant 3. Performing penetration testing, security audits, and team knowledge transfer in a hybrid work setup.
Financial security advisor in life and health insurance, developing and maintaining client relationships. Selling insurance products and assessing customer needs to provide personalized solutions.
Senior Security Engineer designing and maintaining Microsoft 365 security solutions at ResMed. Focusing on compliance, incident response, and collaboration with global teams.
Senior Infrastructure professional solving practical security challenges and improving enterprise systems security at Confluence. Focused on implementation, remediation, and secure operations across Windows and Linux environments.
Senior infrastructure professional responsible for vulnerability remediation and security improvements across enterprise systems at Confluence. Hands - on role involving Windows and Linux environments with strong collaboration with Cybersecurity team.