Key skills
CloudMicroservicesAIMLAgenticAnalyticsIAMOAuthSAMLAgileLeadershipProduct ManagementZero Trust
About this role
Role Overview
- Own end-to-end product strategy and roadmap for authorization capabilities: policy engines, entitlement management, access decision frameworks, and real-time enforcement
- Define authorization patterns and standards (ABAC, RBAC, attribute-based policy models) that scale across RBC's diverse application ecosystem
- Lead requirements definition for policy information points (PIPs) and policy decision points (PDPs) enabling dynamic, risk-informed access decisions
- Establish authorization best practices, frameworks, and guardrails aligned with Zero Trust Architecture principles
- Integrate identity risk scoring, HR performance data, and critical application sensitivity into real-time authorization decisions
- Define product requirements for JIT access models that shift from standing access to time-limited, context-aware provisioning
- Develop authorization policies that evolve based on risk signals (anomalous behavior, policy violations, regulatory triggers)
- Establish audit, logging, and compliance reporting capabilities for all authorization decisions and policy enforcement
- Drive authorization policy harmonization across lines of business, reducing inconsistency and risk exposure
- Ensure authorization capabilities meet regulatory requirements (FRB, Part 30, OSFI, SOX, GLBA)
- Define separation of duties (SoD), conflict of interest (CoI), and policy violation detection and remediation workflows
- Establish compliance monitoring and 3LOD independent review processes for authorization controls
- Define integration patterns for authorization across applications, APIs, microservices, and cloud environments
- Lead standardization of authorization frameworks to reduce application sprawl and inconsistent access control implementations
- Develop product requirements for API-first authorization services enabling ease of adoption by application teams
- Collaborate with architecture and infrastructure teams to embed authorization enforcement at scale
- Define requirements for AI/ML capabilities in authorization: intelligent policy recommendations, anomaly detection, access pattern analysis
- Establish governance frameworks for AI-driven authorization decisions, including explainability and audit capabilities
- Develop use cases for Agentic AI in policy optimization, entitlement analytics, and access review automation
- Ensure responsible AI principles are embedded in authorization product enhancements
- Lead product management working groups with Engineering, Architecture, Security, Compliance, and Application Teams
- Communicate authorization strategy and product roadmap to executive sponsors and business leaders
- Manage relationships with application owners, security teams, and compliance stakeholders
- Mentor product management team members on authorization strategy and best practices
Requirements
- 12+ years in product management or technical leadership, with minimum 7 years in Identity and Access Management (IAM), Authorization, or Access Control systems
- 5+ years of hands-on experience designing or implementing authorization platforms (policy engines, entitlement management, access control frameworks)
- Deep expertise in authorization technologies: RBAC, ABAC, XACML, OAuth 2.0, SAML, API security, and policy-driven access control
- Strong understanding of enterprise security architecture, Zero Trust models, and least-privilege principles
- Proven experience translating business and compliance requirements into authorization policy frameworks
- Demonstrated ability to lead cross-functional teams in complex, regulated environments (banking/financial services preferred)
- Proficiency with agile product delivery and automation frameworks
Tech Stack
- Cloud
- Microservices
Benefits
- A comprehensive Total Rewards Program including bonuses and flexible benefits
- Competitive compensation
- Commissions and stock where applicable
- Leaders who support your development through coaching and managing opportunities
- Ability to make a difference and lasting impact
- Work in a dynamic, collaborative, progressive, and high-performing team
- Flexible work/life balance options
- Opportunities to do challenging work
- Opportunities to take on progressively greater accountabilities
- Access to a variety of job opportunities across business