Manager, US TI&I Cyber, Tech, and Security Control Assessment

Job Description

We’re building a relationship-oriented bank for the modern world. We need talented, passionate professionals who are dedicated to doing what’s right for our clients. At CIBC, we embrace your strengths and your ambitions, so you are empowered at work.

Our team members have what they need to make a meaningful impact and are truly valued for who they are and what they contribute. To learn more about CIBC, please visit CIBC. com CIBC’s Technology Infrastructure and Innovation (TI&I) business spans Technology, Information Security, Deposit Operations, Loan Operations, Payment Operations, Data Management Office, Corporate Real Estate, Corporate Security, Procurement, Operational Resilience, and Risk & Governance. TI&I drives operational excellence by managing the technology and operations required to run the bank, enabling transformation through innovation, and supporting growth objectives with flawless execution of strategic initiatives.

The Governance and Oversight team within TI&I operates as a First Line team in the Three Lines of Defense model, enabling risk discipline, business resiliency, and value creation while strengthening the CIBC Risk Management Framework. At CIBC we enable the work environment most optimal for you to thrive in your role.

  You’ll have the flexibility to manage your work activities within a hybrid work arrangement that is acceptable to your direct supervisor. What you’ll be doing As the Manager, US TII Cyber, Tech, and Security Control Assessment you will: Independently conduct control testing, providing assessment, consulting, and reporting on operational risk and controls involving people, technology, processes or external events that arise from audit and control testing Independently understand and follow the qualitative and quantitative components of our Risk Appetite Statements Escalate matters through the appropriate channels Collaborate with team members, stakeholders and partners on control design and operating effectiveness testing  Managing, developing, and executing processes that will continually assess and enhance the control environment to ensure that the controls are complete, thorough, meet regulatory requirements, match industry standards, and align to CIBC’s policies and standards. Designing and implementing control frameworks and practices that address evolving regulatory and compliance requirements across a complex landscape.

Partnering with TI&I teams to ensure alignment and currency of controls, incorporating a multi-functional perspective to identify and address gaps. Identifying opportunities to automate and streamline control testing processes using robotic process automation (RPA) and artificial intelligence (AI) solutions. Leading pilot initiatives or proof-of-concept projects that integrate AI into control testing frameworks.

Evaluating and recommending technology tools that improve the efficiency, accuracy, and consistency of control testing activities. Collaborating with teams across TI&I to implement automation solutions and integrate AI-driven analytics into control assessment processes.

Monitoring the effectiveness of implemented RPA/AI solutions and recommending enhancements based on results and emerging best practices. How you’ll succeed Risk Management – Leverage you technology and cyber security risk management expertise to share your knowledge by introducing ideas to the organization to continuously maintain an acceptable risk posture that is aligned with the industry peers, regulatory requirements and CIBC’s risk appetite. Understand Requirements – Conduct analysis of processes and functional requirements to provide proactive advice and guidance to internal stakeholders to ensure that the requirements and work packages are appropriately defined and completed.

Time and Project Management – Leverage your strong project management skills to proactively manage timelines by keeping direct managers and internal client informed of predicted/ preliminary results and proactively communicate reasonable estimated time to completion. Continuous Improvement & Efficiency: Identify continuous improvement opportunities and leverage AI tools to automate repetitive tasks, streamline testing procedures, and improve the overall effectiveness of control assessments. Collaborate Across Teams – Collaborate with business partners, risk management, compliance, audit, and other stakeholders to ensure a coordinated approach to risk and control.

Internal Client Engagement – Meet with internal clients to understand their priorities and advise them on technology and cybersecurity risk management solutions. Use your knowledge of cybersecurity and technology to protect the organization by providing proactive advisory services to the technology and cybersecurity teams in deploying risk management measures and in remediating known issues. Communication – Delivering clear, concise, and impactful reporting, presentations, and assessment summaries to key stakeholders and partners.

Relationship Management – You’ll create trusted advisory relationships with all partners across all 3 Lines of Defense. Collaboration – Engaging with cross functional teams across all three lines of defense to foster open communication, value diverse perspectives, ensuring that all voices are heard, and contributing to shared success. You will build trust within the team, encouraging a supportive environment that enhances creativity and problem-solving.

EWJD3