We’re building a relationship-oriented bank for the modern world. We need talented, passionate professionals who are dedicated to doing what’s right for our clients.
At CIBC, we embrace your strengths and your ambitions, so you are empowered at work. Our team members have what they need to make a meaningful impact and are truly valued for who they are and what they contribute.
To learn more about CIBC, please visit CIBC.com
As a member of our US Technology, Infrastructure & Innovation (US TI&I) team, you’ll enable the continuous transformation of our Bank by accelerating the shift to digital, strengthening operational resilience, simplifying what we do, improving CIBC's speed to market and protecting our Bank's assets. You’ll work with teams work to maximize the investment in resources and technology while building an appropriate balance between high-touch client service and our fiduciary responsibility to protect CIBC, our clients, and our shareholders from undue risk.
What you’ll be doing
You will be a part of CIBC’s US TI&I Regulatory Controls team performing risk and control assessments on a wide range of technology domains and oversee implementation of technology controls in adherence to regulations, company policies and standards. You will work with technology partners to advise on control design and measurement of control maturity and gaps. You will also work with 2LOD, compliance and audit partners to manage technology control-related issues to ensure proper resolution, escalation and reporting. You will be part of a dedicated and outstanding team that focuses on promoting control awareness and properly manage risks within the TI&I organization.
You will be accountable for effective partnership with peers in the assigned Line of Business, Lines of Defense, and other managers to oversee the successful creation, implementation and maintenance of effective technology to ensure compliance with applicable laws, rules and regulations.
You have extensive knowledge of and experience with technology and security risks/controls.
You will facilitate the identification and governance of gaps and drives escalation as appropriate.
You will lead policies and procedures refresh efforts to minimize regulatory exposure.
You will support CIBC’ s Control Framework to ensure compliance to regulatory, legislative, and operational requirements, including the efficient and effective management of deviation and deficiency remediation.
You will manage execution of risk and control self-assessments, identification and evaluation of inherent risks, control strength and residual risks of key IT controls, and success execution of risk-based control testing program. Assist in the definition of the technology risk appetite statements and monitor Key Performance Indicators (KPI) and Key Risk Indicators (KRI) against our technology risk appetite.
You will participate in business, governance, and regulatory projects, typically medium to highly complex initiatives, to identify risk and control issues.
You possess strong project management and organization skills to support/lead Internal audits including scope review and finalization, information requests, and potential deficiency management.
You support the execution of annual audit plan activities and ongoing management of the self-assessment processes. Gather documentation for external regulatory exams when required.
You understand and communicate Control Framework requirements to LOB partners to ensure awareness, understanding and impacts. Participate in the completion of Control Framework requirements, including Risk and Controls Self Assessments (RCSAs), Scenarios and Key Regulatory Indicators (KRIs).
You will recommend process improvements for governance of control testing programs. Review control testing results and recommend self-assessment of deficiencies. As needed develop and present Executive Reporting on the governance and controls environment.
You will set strategy and direction for the implementation, development, and maintenance of the organization’s infrastructure technology control assurance program, including control inventory, risk and control (PRC) framework, and full alignment with regulatory requirements as well as industry risk and control frameworks.
You provide critical control-based decision-making information to technology leadership to ensure the operating state of the environment is adequate and meets control expectations.
You are using automation and analytics, develop on-going technology risk reporting, monitoring key trends and defining metrics to regularly measure control effectives of technology.
You work with other leaders within CIBC’s technology management and all lines of defense to timely address control gaps, identify potential opportunities for improvement, and advise on control designs for large complex programs (e.g., cloud, API, third-party vendor oversight, data governance).
You will influence behaviors to reduce risk and foster a strong technology risk management culture.
At CIBC we enable the work environment most optimal for you to thrive in your role. Details on your work arrangement (proportion of on-site and remote work) will be discussed at the time of your interview.
How you succeed
You embrace and advocate for change. You continuously evolve your thinking and the way you work in order to deliver your best.
You give meaning to data. You enjoy investigating complex problems and making sense of information. You communicate detailed information in a meaningful way.
You know that details matter. You notice things that others don't. Your critical thinking skills help to inform your decision making.
You're passionate about people. You find meaning in relationships and surround yourself with a diverse network of partners. You connect with others through respect and authenticity.
Your influence makes a difference. You know that relationships and networks are essential to success. You inspire outcomes by sharing your expertise.
You act like an owner. You thrive when you're empowered to take initiative, go above and beyond, and deliver results.
Who you are
You have advanced knowledge of risk treatment methodologies and approaches and will drive positive impacts through the design and execution of sound technology risk programs, including IT governance, risk management, compliance, cybersecurity, cloud privacy, third party risk management, data and resiliency.
You have 5-10 years of experience working in technology within the US banking sector.
You have 5 years of experience in technology controls, risk management, or cybersecurity roles, with a proven track record of designing and implementing effective control frameworks.
You have a strong understanding of technology infrastructure, including networks, systems, databases, and applications.
You have knowledge of applicable laws, regulations, financial services and regulatory trends.
You have extensive knowledge of risk management, audit & regulatory compliance principles, practices, policies and procedures, with experience writing controls and mapping controls to regulatory requirements.
You have experience executing on complex engagements at a financial institution, consulting or accounting firm, or commensurate experience in risk management, privacy, cyber or IT audit departments.
You understand and communicate Control Framework requirements to LOB partners to ensure awareness, understanding and impacts. Drive the completion of Control Framework requirements, including Risk and Controls Self Assessments (RCSAs), Scenarios and Key Regulatory Indicators (KRIs).
You have strong communication skills with the ability to articulate complex technical concepts in a clear, concise manner through both written and verbal communication, professionalism and discretion when interacting with executives and clients.
You have knowledge and experience with an enterprise GRC system (e.g. ServiceNow).
You have experience with risk assessment methodologies, regulatory compliance requirements (e.g., GDPR, SOX, PCI DSS), and industry standards (e.g., NIST, ISO).
You have a bachelor’s degree in a relevant discipline preferred, or equivalent work experience.
California residents — your privacy rights regarding your actual or prospective employment
What CIBC Offers
At CIBC, your goals are a priority. We start with your strengths and ambitions as an employee and strive to create opportunities to tap into your potential. We aspire to give you a career, rather than just a paycheck.
We work to recognize you in meaningful, personalized ways including a competitive salary, incentive pay, banking benefits, a benefits program*, a vacation offering, wellbeing support, and MomentMakers, our social, points-based recognition program.
Our spaces and technological toolkit will make it simple to bring together great minds to create innovative solutions that make a difference for our clients.
We cultivate a culture where you can express your ambition through initiatives like Purpose Day; a paid day off dedicated for you to use to invest in your growth and development.
*Subject to plan and program terms and conditions
What you need to know
CIBC is committed to creating an inclusive environment where all team members and clients feel like they belong. We seek applicants with a wide range of abilities and we provide an accessible candidate experience. If you need accommodation, please contact Mailbox.careers-carrieres@cibc.com
You need to be legally eligible to work at the location(s) specified above and, where applicable, must have a valid work or study permit.
We may ask you to complete an attribute-based assessment and other skills tests (such as simulation, coding, MS Office). Our goal for the application process is to get to know more about you, all that you have to offer, and give you the opportunity to learn more about us.
Job Location
IL-70 W Madison St, 10th Fl
Employment Type
Regular
Weekly Hours
40
Skills
Business Controlling, Compliance Monitoring, Group Problem Solving, Information Technology (IT) Efficiency, IT Technologies, Regulatory Requirements, Risk Management Assessment, Technology Tools, Waterfall Project Management, Work Collaboratively