Director, Regulatory Advisor (Global Security)
Jersey City
Tuesday, 19 May 2026
RBC is seeking a Director, Regulatory Advisor (Global Security) to serve as the embedded advisor to the CISO on cybersecurity law, regulatory obligations, and governance. You will own our compliance standing under NYDFS Part 500 and SEC cybersecurity rules—managing the annual certification cycle, quarterly attestations, and ongoing regulatory monitoring. This is a critical role interfacing with internal and external auditors, 3 lines of defense, preparing board and regulator reporting, and advising on how regulatory requirements translate into actual security decisions. You'll work across all business entities and technology domains, balancing proactive compliance planning with reactive regulatory demands.

What will you do?

Serve as the principal regulatory advisor embedded within the CISO organization, providing day-to-day advisory services on cybersecurity regulatory obligations, compliance requirements, and security governance.
Own RBC's enterprise compliance standing under NYDFS Part 500 and SEC cybersecurity rules, including exam readiness, regulatory gap identification, and ongoing monitoring of regulatory developments.
Manage the full regulatory certification cycle—including the annual April 15 NYDFS submission, quarterly compliance reviews, and evidence collection for board and regulator reporting.
Lead the drafting, review, and lifecycle management of cybersecurity policies, standards, and governance documentation across the enterprise.
Partner with the CISO, IT Risk, and Compliance teams to integrate regulatory requirements into security strategy, architecture decisions, and operational processes.
Identify regulatory gaps in RBC's cybersecurity program compared to NYDFS Part 500 and NIST baseline expectations; coordinate remediation with first and second lines of defense and track progress to closure.
Advise on incident response planning, vendor risk management, and cross-functional security initiatives from a regulatory and compliance perspective.
Represent regulatory compliance requirements in product security reviews and cross-enterprise security decision-making.

What do you need to succeed?

Must-have
10 years of proven cyber/risk experience within a Tier 1 bank with deep knowledge of US Regulatory requirements for different financial services entities (i.e., capital markets, retail, consumer)
3 years' experience in strategic relationship management, delivery performance analysis, and negotiations.
Strong business and financial acumen with demonstrated expertise in regulatory compliance frameworks (NYDFS Part 500, SEC cybersecurity rules, NIST standards)
Financial Services experience in: Wealth Management, Payments, Capital Markets, or similar lines of business.

Nice-to-have
Certified Regulatory Compliance Manager (CRCM) or similar regulatory certification.
Experience with cybersecurity incident response planning and regulatory reporting cycles.

What’s in it for you?