Manager, Cyber and Technology Control Assessment
IL-70 W Madison St, 8th Fl
CIBC
Bank on your terms with CIBC – whether it’s in person, over the phone or online, CIBC has you covered.We’re building a relationship-oriented bank for the modern world. We need talented, passionate professionals who are dedicated to doing what’s right for our clients.
At CIBC, we embrace your strengths and your ambitions, so you are empowered at work. Our team members have what they need to make a meaningful impact and are truly valued for who they are and what they contribute.
To learn more about CIBC, please visit CIBC.com
Are you interested in transitioning your internal auditing skills toward front-line cyber security and information technology validation? If this is you, come help manage our newly formed cyber security and information technology validation program to put your audit experience towards high-impact risk detection through controls validation and assessment!
Technology Infrastructure and Innovation (TI&I) spans the areas of Technology, Information Security, Deposit Operations, Loan Operations, Project Management, Data Management Office, Corporate Real Estate, Corporate Security, and Risk & Governance. TI&I delivers operational excellence by effectively managing the technology and operations required to run the bank, enables the bank's transformation by focusing on clients, innovating for the future and simplifying operations and supporting the bank's growth objectives through flawless execution of strategic initiatives.
[This role is open to remote/hybrid or on-site work arrangement.]
Job Responsibilities:
Design, execute, and report on an cybersecurity and technology risk based program for lines of businesses within US TI&I
Report to the US TI&I Control Assessment Program Director on completion of cybersecurity control design and operating effectiveness
Assist in the development of cybersecurity and technology control testing portfolios to align requirements from Governance and Regulatory bodies
Lead, coordinate, and liaise between US TI&I Lines of Business Leaders and other lines of defense
Collaborate with business units in developing and monitoring corrective action plans when responding to Audit, Compliance, Self-Assessed, or regulatory examination findings
Assess cybersecurity and technology residual risks based on current vs future control environment to mitigate current and emerging cybersecurity risks
Identify cybersecurity and technology control design and operating effective gaps, inclusive of ensure remediation plan exists to mitigate known risks
Maintain awareness of regulatory changes across the industry, analyzing how the changes will affect the line of business, and creating a strategy to implement such changes within US TI&I
Qualifications:
BS or MS (Risk Management, Business, Finance or similar) or equivalent professional/military experience
IT risk and control related certifications preferred (e.g. CISA, CISSP, CISM, CRSC, etc.)
5-8 years of experience in audit/enterprise/operational risk management/or management consulting, required
Working knowledge of cybersecurity, technology, operational, compliance and reputation risks
Comfortable performing ad-hoc statistical analysis using pivot tables, VLOOKUP, complex formulas, and other advanced Excel functions to determine root causes and trends related to testing failures
Experience with internal audit practices and/or within banking industry is a plus
Strong risk assessment framework knowledge and experience performing risk assessments covering key risks and controls a plus
Strong project management skills, including the ability to adapt to change quickly, multi-task and demonstrate flexibility in prioritization based on requested tasks
Data analysis and visualization skills using Excel or other analysis software
Strong oral and written communication skills at all levels of an organization
Forward thinker, strong drive, and ability to work independently in a team-oriented and fast-paced environment
Strong working knowledge of regulatory requirements to perform and ensure an appropriate level of testing
California residents — your privacy rights regarding your actual or prospective employment
What CIBC Offers
At CIBC, your goals are a priority. We start with your strengths and ambitions as an employee and strive to create opportunities to tap into your potential. We aspire to give you a career, rather than just a paycheck.
We work to recognize you in meaningful, personalized ways including a competitive salary, incentive pay, banking benefits, a benefits program*, a vacation offering, wellbeing support, and MomentMakers, our social, points-based recognition program.
Our spaces and technological toolkit will make it simple to bring together great minds to create innovative solutions that make a difference for our clients.
We cultivate a culture where you can express your ambition through initiatives like Purpose Day; a paid day off dedicated for you to use to invest in your growth and development.
*Subject to plan and program terms and conditions
What you need to know
CIBC is committed to creating an inclusive environment where all team members and clients feel like they belong. We seek applicants with a wide range of abilities and we provide an accessible candidate experience. If you need accommodation, please contact Mailbox.careers-carrieres@cibc.com
You need to be legally eligible to work at the location(s) specified above and, where applicable, must have a valid work or study permit.
Job Location
IL-70 W Madison St, 8th FlEmployment Type
RegularWeekly Hours
40Skills
Analytical Thinking, Analytical Thinking, Audit Controls, Audit Testing, Control Frameworks, Cybersecurity Assessment, Cybersecurity Controls, Cybersecurity Risk Assessment, Decision Making, Disaster Recovery (DR), Disaster Recovery Planning, Group Problem Solving, Information Technology (IT) Business Strategies, Information Technology (IT) Efficiency, Information Technology (IT) Infrastructure, Information Technology (IT) Services, Information Technology (IT) Solutions, Information Technology (IT) Support, Information Technology Applications, Information Technology Governance, Operational Risks, Operation Risk Management, Recovery Planning, Risk Analytics, Risk Assessments {+ 2 more}* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Analytics Audits Banking CISA CISM CISSP Compliance Finance Governance Monitoring Privacy Risk assessment Risk management Strategy
Perks/benefits: Career development Competitive pay Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Manager Pentest H/F jobs
- Open Chief Information Security Officer jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open IT Security Engineer jobs
- Open Security Researcher jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Sr. Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open Security assessment-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open IPS-related jobs