Senior Manager, Cyber Risk Assessments

Canadian Imperial Bank Of Commerce

Job Location:

Toronto - Canada

Monthly Salary: Not Disclosed

Posted on: 2 days ago

Vacancies: 1 Vacancy

Job Summary

Were building a relationship-oriented bank for the modern world. We need talented passionate professionals who are dedicated to doing whats right for our clients.

At CIBC we embrace your strengths and your ambitions so you are empowered at work. Our team members have what they need to make a meaningful impact and are truly valued for who they are and what they contribute.

To learn more about CIBC please visit

What Youll Be Doing

As Senior Manager Cyber Risk Assessments (2nd Line of Defense) you will oversee enterprise-wide identification measurement mitigation and reporting of cyber risk in line with CIBCs risk appetite and regulatory expectations. Youll collaborate closely with technology information security and business-risk partners to deliver a consistent integrated approach to cyber risk management while championing a transparent inclusive and high-performing culture. The role also expects strong interpersonal communication critical thinking and problem-solving skills to present conclusions to senior audiences ability to leverage enterprise AI tools to improve internal processes and drive optimization as well as keeping abreast with latest security threats and industry trends.

CIBC enables a flexible work environment where you can thrive with a hybrid arrangement of 23 days per week on-site and the remainder remote to be discussed during your interview.

How You will Succeed

Risk Management & Portfolio oversight: Operate within a matrix team environment reviewing cyber risk assessments controls deficiencies metrics and other relevant information to form an independent view of cyber risks effectively challenging risk levels and treatment approaches. Execute operational risk program mandates using established operational risk tools and processes including 2nd LoD assessments of business line change initiatives risk and control self-assessments scenario analysis cyber incident management as well as security testing activities performed by the 1st LoD (e.g. Threat Risk Assessments Penetration Testing Application Security Code scans) driving appropriate risk treatment for material cyber risks identified and drive continuous improvement in risk management methodologies. Manage the centralized risk-tracking tool and ensure documentation for assessments performed is complete and consistent. Produce portfolio-level insights for senior leadership and governance committees.
Technical & Analytical Expertise Bring credibility and influence by leveraging your broad technology experience and deep expertise in areas such as cloud network cybersecurity DevOps AI etc. to assess and challenge cyber risks and controls across business lines.
Advisory & Continuous Improvement Stay current on emerging threats and industry best practices advising business lines and enhancing operational risk methodologies.
Collaboration & Relationship Building Leverage effective communication and people skills to build and sustain trusted internal relationships positioning yourself as a valued partner who provides sound risk guidance and demonstrates a deep understanding of both the business and technology environments. Collaborate closely with information security technology risk and business partners to ensure a consistent and integrated approach to risk management.
Educational Support & Risk Culture Promote a culture of cyber risk awareness ensuring operational risk policies processes and continuous improvement initiatives are effectively communicated.

Who You Are

You bring broad expertise in cyber and technology risk demonstrating experience across cybersecurity and technology domains associated industry frameworks and regulations.
You are a collaborative partner and effective communicator building strong working relationships and collaborating with diverse stakeholders in a dynamic fast-paced environment to drive integrated and consistent risk management.
You possess technical acumen and a continuous improvement mindset in areas such as cloud Agile/DevOps APIs/microservices automation and big data technology. Industry-recognized certifications (e.g. CISSP CISM) is an asset.
You are data-driven and insightful investigating complex problems leveraging strong analytical skills to extract insights from data and translating findings into actionable recommendations for risk mitigation and reporting.
You are detail-oriented and a critical thinker noticing what others might overlook applying strong critical thinking skills to inform your decision-making ensuring that risk assessments and reporting are thorough and accurate.
You embrace change and champion growth evolving your thinking and approach adapting to new challenges and emerging trends in the cyber and technology risk landscape to deliver your best work.
Values matter to you. You bring your real self to work and you live our values trust teamwork and accountability.

#LI-TA

What CIBC Offers

At CIBC your goals are a priority. We start with your strengths and ambitions as an employee and strive to create opportunities to tap into your potential. We aspire to give you a career rather than just a paycheck.

We work to recognize you in meaningful personalized ways including a competitive salary incentive pay banking benefits a benefits program* defined benefit pension plan* an employee share purchase plan a vacation offering wellbeing support and MomentMakers our social points-based recognition program.
Our spaces and technological toolkit will make it simple to bring together great minds to create innovative solutions that make a difference for our clients.
We cultivate a culture where you can express your ambition through initiatives like Purpose Day; a paid day off dedicated for you to use to invest in your growth and development.

*Subject to plan and program terms and conditions

What you need to know

CIBC is committed to creating an inclusive environment where all team members and clients feel like they belong. We seek applicants with a wide range of abilities and we provide an accessible candidate experience. If you need accommodation please contact
CIBC is committed to clarity in our hiring process. All roles posted are opportunities were actively recruiting for unless stated otherwise.
You need to be legally eligible to work at the location(s) specified above and where applicable must have a valid work or study permit.
We may ask you to complete an attribute-based assessment and other skills test (such as simulation coding French proficiency).
We use artificial intelligence tools during the recruitment process. Our goal for the application process is to get to know more about you all that you have to offer and give you the opportunity to learn more about us.

Job Location

Toronto-81 Bay 29th Floor

Employment Type

Regular

Weekly Hours

37.5

Skills

Analytical Thinking Application Security Coding Practices Communication Cyber Risks Cybersecurity DevOps Emerging Technology Trends Information Security Interpersonal Communication Operation Risk Management Penetration Testing Prioritization Red Teaming Risk Assessments Risk Management Risk Management Programs Security Management Practices Security Testing Teamwork Technology Landscape

Required Experience:

Senior Manager

Were building a relationship-oriented bank for the modern world. We need talented passionate professionals who are dedicated to doing whats right for our clients.At CIBC we embrace your strengths and your ambitions so you are empowered at work. Our team members have what they need to make a meaningf...