CIBC
Manager, Data & Cloud Risk Management
Job Description
We’re building a relationship-oriented bank for the modern world. We need talented, passionate professionals who are dedicated to doing what’s right for our clients. At CIBC, we embrace your strengths and your ambitions, so you are empowered at work.
Our team members have what they need to make a meaningful impact and are truly valued for who they are and what they contribute. To learn more about CIBC, please visit CIBC. com What you’ll be doing As the Manager, Data & Cloud Risk Management, you’ll serve as the Second Line of Defense for the Data & Cloud risk management portfolio. You will assist leadership in deploying operational risk management practices, ensure compliance with regulatory expectations, and oversee Data & Cloud risk activities across CIBC US.
You’ll monitor and analyze Data & Cloud risks, report findings to key stakeholders, and provide critical input into risk committees. You will also engage with business units to promote a strong risk culture and mentor staff on emerging technology risks.
At CIBC we enable the work environment most optimal for you to thrive in your role. You’ll have the flexibility to manage your work activities within a hybrid work arrangement where you’ll spend 1-3 days per week on-site, while other days will be remote. How you’ll succeed Risk Oversight & Governance – Provide independent oversight of data and cloud risk management practices, including governance of cloud adoption, data usage, storage, transfer, and lifecycle management.
Challenge first line metrics & reporting, risk assessments, controls, and risk acceptance decisions to ensure alignment with regulatory standards (e. g. , FRB, OSFI, DCAMS, FFIEC, NIST, COBIT).
Support the oversight of risk taxonomies, policies, standards, and risk appetite statements for data and cloud risk. Risk Identification & Assessment – Review and challenge business unit Risk & Control Self-Assessments (RCSAs), Change Initiative Risk Assessments (CIRA) to ensure adequate coverage of data and cloud risks.
Evaluate emerging risks (e. g. , AI/ML data usage, multi-cloud strategies, cross-border data transfer) and escalate material concerns to senior stakeholders.
Lead thematic risk reviews focused on topics such as cloud and data risk management topics. Monitoring & Oversight – Oversee control activities related to topics such as data & cloud risk management. Develop independent monitoring routines to identify control gaps and trends in cloud/data incidents.
Partner with enterprise oversight teams to ensure comprehensive coverage of cloud and data risk domains. Engage in annual maturity scorecard assessments based on industry expectations (e. g.
DCAMs) Regulatory & Stakeholder Engagement – Interpret and apply evolving regulatory expectations for data and cloud risk, ensuring bank practices remain compliant. Prepare risk reporting, issue escalation, and thematic insights for senior management, risk committees, and regulators. Serve as a subject matter expert in cross-functional forums (e.
EWJD3
