Projects and Compliance Specialist

What is the Opportunity?

The Middleware Compliance, Vulnerability & Risk Management team at RBC is responsible for ensuring enterprise messaging and integration platforms operate in accordance with the bank’s stringent security standards, regulatory obligations, and robust risk management framework.

As a Senior Technical Analyst, you will provide essential technical oversight, perform detailed compliance analysis, and offer comprehensive vulnerability and risk management support for critical middleware messaging platforms. You will collaborate closely with platform engineering, cybersecurity, risk, audit, and application teams to thoroughly assess risks, facilitate vulnerability remediation, and ensure continuous audit readiness across complex, business-critical environments.

This pivotal role demands a strong blend of hands-on technical expertise, astute risk and compliance judgment, and effective enterprise stakeholder engagement.

What Will You Do?

• Provide expert technical compliance and risk support for key middleware messaging platforms, including IBM MQ, IBM Integration Bus, IBM App Connect Enterprise, WAS, JBoss, and JWS.
• Analyze security vulnerabilities (CVEs, vendor advisories) impacting middleware platforms and accurately assess their risk exposure to the enterprise.
• Validate vulnerability findings, meticulously distinguish true risks from false positives, and recommend appropriate remediation strategies or compensating controls.
• Coordinate all vulnerability remediation activities with platform and application teams to ensure strict adherence to SLAs and policy requirements.
• Support risk acceptances, extensions, and exception requests by providing clear technical justifications and detailed impact analyses.
• Maintain accurate and up-to-date tracking of vulnerabilities, findings, and remediation status using enterprise tooling and reporting mechanisms.
• Support internal and external audits, regulatory requests, and compliance reviews by furnishing essential technical evidence and insightful analysis.
• Perform comprehensive technical reviews of middleware environments across all supported platforms.
• Assess high availability and disaster recovery architectures to ensure complete alignment with critical resiliency and compliance requirements.
• Contribute actively to the development and continuous improvement of governance standards, operational procedures, and compliance processes.
• Build and nurture strong working relationships with technology, security, risk, and audit partners throughout the enterprise.

What Do You Need to Succeed?

Must-Have:

• 5+ years of demonstrable experience in enterprise middleware, messaging, or infrastructure platforms.
• Strong technical knowledge of middleware messaging platforms, with specific experience in IBM MQ and ACE/IIB being a significant asset.
• Hands-on experience in vulnerability management, compliance, or risk support within a highly regulated environment.
• Solid understanding of Linux/UNIX platforms (RHEL, AIX), with Windows experience also preferred.
• Proven experience assessing security vulnerabilities, devising remediation strategies, and implementing compensating controls.
• Strong understanding of high availability and disaster recovery concepts.
• Experience successfully supporting audit, risk, or regulatory engagements.
• Strong analytical skills coupled with the ability to effectively translate complex technical issues into pragmatic risk-based decisions.
• Excellent written and verbal communication skills, enabling effective engagement with both technical and non-technical stakeholders.

Nice-to-Have:

• Prior experience in financial services or other highly regulated industries.
• Familiarity with GRC platforms (e.g., Archer or equivalent).
• Experience with centralized logging, monitoring, or observability platforms.
• Exposure to automation or configuration management tools.
• Knowledge of widely recognized security and compliance frameworks (e.g., NIST, CIS).

What’s in it for You?

• Work in a dynamic, collaborative, and high-performing technology organization.
• Opportunity to work on enterprise-critical platforms that underpin core banking services.
• A comprehensive Total Rewards program featuring competitive compensation, attractive benefits, and bonus opportunities.
• Leaders dedicated to your development through ongoing coaching and clear career growth opportunities.
• Flexible work arrangements and a strong organizational focus on work-life balance.
• The ability to make a meaningful and lasting impact on RBC’s risk and security posture.

Key skills/competency

• Middleware Compliance
• Vulnerability Management
• Risk Management Framework
• IBM MQ
• IBM ACE/IIB
• Linux/UNIX
• Audit Support
• Security Standards
• High Availability
• Disaster Recovery