Director, Cybersecurity and Technology Controls Manager

We’re building a relationship-oriented bank for the modern world. We need talented, passionate professionals who are dedicated to doing what’s right for our clients.

At CIBC, we embrace your strengths and your ambitions, so you are empowered at work. Our team members have what they need to make a meaningful impact and are truly valued for who they are and what they contribute.

To learn more about CIBC, please visit CIBC.com

U.S. Technology Infrastructure and Innovation (US TI&I) spans the areas of Technology, Information Security, Deposit Operations, Loan Operations, Business Continuity Management, Project Management, Data Management Office, Corporate Real Estate, Corporate Security, and Risk & Governance. TI&I delivers operational excellence by effectively managing the technology and operations required to run the bank, enables the bank's transformation by focusing on clients, innovating for the future and simplifying operations and supporting the bank's growth objectives through flawless execution of strategic initiatives. 

Governance and Oversight is a first line of defense team which supports the Information Technology and Cyber Security Departments.  The Director will report directly to the Head of Governance and Oversight and support Information Technology (IT) and Information Security (IS) Management and work closely with 2nd and 3rd lines of defense (Risk, Compliance, and Internal Audit) to develop and implement well managed, highly effective risk practices to ensure activities do not exceed the risk tolerance of the organization.  This role is fast paced and will be part of a dedicated and outstanding team that focuses on promoting control awareness and properly manage risks within the US Region IT/IS organization such as adherence to regulatory requirements, improving controls, compliance and procedures, and successfully navigating audit and regulatory exams. The ideal candidate will possess extensive IT/IS experience in financial services industry; proven track record of having high levels of integrity, precision, accuracy, and a bias toward action. 

Responsibilities 

• Developing and implementing strategies to ensure compliance with all applicable regulatory requirements and industry standards, working closely with cross-functional teams to establish and maintain robust control frameworks 

• Leading and supporting the identification, escalation, assessment, and mitigation of risks in IS /IT, driving continuous improvement in control compliance and procedures 

• Leading the Risk and Control Self-Assessment (RCSA) in collaboration with IT/IS completing the RCSA in the agreed upon timeframes 

• Overseeing the support and development and maintenance of standards, policies, procedures, and key/non-key controls, fostering a culture of accountability and adherence 

• Complete validation and quality assurance review of issues in accordance with proper risk management practices and guidance from the 2nd LOD prior closure 

• Developing and maintaining strong relationships with external regulators, auditors, and industry associations, staying informed of regulatory expectations and best practices 

• Evaluate incidents and operational losses and perform thorough analysis to identify trends and root cause. Prepare recommendations for process and control enhancements in alignment and in collaboration with IT/IS 

• Collaborating with cross-functional teams to ensure the timely resolution of regulatory findings and recommendations, implementing appropriate corrective actions and control enhancements. 

• Staying updated with relevant laws, regulations, and industry trends, and providing guidance on emerging compliance issues and potential impact on business operations 

• Provide risk guidance in developing, reviewing and maintaining operational risk and compliance policies and procedures as it relates to IT/IS 

Qualifications 

• 6-8 years of IT/IS experience 

• 6-8 years of Governance, Risk, and/or Compliance experience in a GRC, or 2nd LOD role 

• In-depth understanding and experiences in IT and IS. In-depth understanding of IT risk assessments and control testing 

• Strong collaboration; relationship management; and prioritization skills, including experiences in executive management relationship. Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams. Highly flexible and adaptable to change, technology forward thinking. 

• Strong communication skills, verbal and written. 

• Data analysis and visualization skills using Excel and/or other analysis software 

• Industry assessment experience (e.g. NYDFS, FFIEC, GLBA, ITL, etc.) 

What CIBC Offers

At CIBC, your goals are a priority. We start with your strengths and ambitions as an employee and strive to create opportunities to tap into your potential. We aspire to give you a career, rather than just a paycheck.

• We work to recognize you in meaningful, personalized ways including a competitive salary, incentive pay, banking benefits, a benefits program*, a vacation offering, wellbeing support, and MomentMakers, our social, points-based recognition program.

• Our spaces and technological toolkit will make it simple to bring together great minds to create innovative solutions that make a difference for our clients.

• We cultivate a culture where you can express your ambition through initiatives like Purpose Day; a paid day off dedicated for you to use to invest in your growth and development.

*Subject to plan and program terms and conditions

What you need to know

• CIBC is committed to creating an inclusive environment where all team members and clients feel like they belong. We seek applicants with a wide range of abilities and we provide an accessible candidate experience. If you need accommodation, please contact Mailbox.careers-carrieres@cibc.com

• You need to be legally eligible to work at the location(s) specified above and, where applicable, must have a valid work or study permit.

• We may ask you to complete an attribute-based assessment and other skills tests (such as simulation, coding, MS Office). Our goal for the application process is to get to know more about you, all that you have to offer, and give you the opportunity to learn more about us.

Job Location

IL-70 W Madison St, 8th Fl

Employment Type

Regular

Weekly Hours

40

Skills

Accountability, Controls Compliance, Cross-Functional Teamwork, Cybersecurity, Information Technology (IT) Risk, Leadership, Operational Risks, People Management, Risk Compliance, Risk Governance, Risk Management, Teamwork