We’re building a relationship-oriented bank for the modern world. We need talented, passionate professionals who are dedicated to doing what’s right for our clients.

At CIBC, we embrace your strengths and your ambitions, so you are empowered at work. Our team members have what they need to make a meaningful impact and are truly valued for who they are and what they contribute.

To learn more about CIBC, please visit CIBC.com (https://www.cibc.com/en/about-cibc.html)

What you'll be doing

In this role, you’ll report to the Director, Cybersecurity Audit, and will be expected to have proven experience and knowledge in cybersecurity that includes technology infrastructure and systems, information security, including Cloud as well as access and data security related controls for CIBC and outsourced technology environments. In addition, you will provide insight and proactive control advice to management on existing weaknesses in the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) controls and emerging cybersecurity threats to CIBC.

You'll support Internal Audit groups by ensuring suitable coverage of cybersecurity risk within the audit universe, providing leadership, insight and proactive NIST CSF control advice to management. You'll lead and participate in various audits and objectively evaluate the design and effectiveness of technology infrastructure, systems, information security, access and data related NIST CSF controls across the audit entity portfolio. You'll perform and document your work in accordance with CIBC’s Internal Audit methodology and you will be accountable for the quality of audit procedures and documentation prepared by you.

The role applies knowledge of cybersecurity, internal audit methodology, data analytics and technology to participate in the audit execution of cybersecurity related audits, ensuring high quality results within defined audit plans and budgets are maintained. The Consultant, Cybersecurity Audit uses independent judgement to maintain professional and effective relationships with business partners by promoting mutual understanding of expectations, audit process, risks, controls, issues and trust. The role regularly provides practical and cost-effective advice to management on designing, implementing and enhancing internal controls within technology areas, acting as a resident auditing expert for cybersecurity at CIBC.

At CIBC we enable the work environment most optimal for you to thrive in your role. You’ll have the flexibility to manage your work activities within a hybrid work arrangement where you’ll spend 2-3 days per week on-site, while other days will be remote.

How you’ll succeed

• Consulting - Contribute to the advancement of the Cybersecurity Audit Program and provide input for cybersecurity in various audits in assessing NIST CSF controls and information security related risk across all audit groups. Be able to demonstrate in-depth understanding of cybersecurity risk, including changes to the regulatory and business environments.

• Audit delivery – Participate in or manage the audit execution of cybersecurity related audits within the portfolio. Ensure the audit engagements maintain thorough and high quality results within defined audit plans and budgets. Provide leading edge audit services, and ensure identification of emerging risks.

• Facilitate communication – Communicate trends in risk and control issues to Internal Audit management and contribute to reports to senior management on the results of ongoing reviews of cybersecurity, information security, technology systems including Cloud, as well as, access and data risks across CIBC.

Who you are

• You have 4-8 years of Cybersecurity Audit experience and can demonstrate having a broad and deep knowledge and understanding of NIST CSF controls and Information Security and Cybersecurity risks associated with technology infrastructure, networks, system access and security, cloud technology, regulatory requirements. You will also have knowledge of auditing practices, procedures and principles that enable you to analyze business processes, assess risks, and select the most suitable audit approach. You must have proven ability to write comprehensive and concise reports that have been utilized by senior leadership.

• You’re a certified professional . You have a current accreditation in both of the following (or equivalent): CISA – Certified Information Systems Auditor; CISSP – Certified Information Systems Security Professional; In-depth knowledge of COBIT and working knowledge of ITIL, ISO and NIST CSF frameworks.

• You understand that success is in the details . You notice things that others don't. Your critical thinking skills help to inform your decision making.

• You're driven by collective success . You know that collaboration can transform a good idea into a great one. You understand the power of an inclusive team that enjoys working together to bring a shared vision to life.

• You embrace and champion change . You'll continuously evolve your thinking and the way you work in order to deliver your best.

• Values matter to you . You bring your real self to work and you live our values – trust, teamwork and accountability.

What CIBC Offers

At CIBC, your goals are a priority. We start with your strengths and ambitions as an employee and strive to create opportunities to tap into your potential. We aspire to give you a career, rather than just a paycheck.

• We work to recognize you in meaningful, personalized ways including a competitive salary, incentive pay, banking benefits, a benefits program, defined benefit pension plan, an employee share purchase plan, a vacation offering, wellbeing support, and MomentMakers, our social, points-based recognition program.

• Our spaces and technological toolkit will make it simple to bring together great minds to create innovative solutions that make a difference for our clients.

• We cultivate a culture where you can express your ambition through initiatives like Purpose Day; a paid day off dedicated for you to use to invest in your growth and development.

*Subject to plan and program terms and conditions

What you need to know

• CIBC is committed to creating an inclusive environment where all team members and clients feel like they belong. We seek applicants with a wide range of abilities and we provide an accessible candidate experience. If you need accommodation, please contact Mailbox.careers-carrieres@cibc.com

• You need to be legally eligible to work at the location(s) specified above and, where applicable, must have a valid work or study permit.

Job Location

Toronto-81 Bay, 34th Floor

Employment Type

Regular

Weekly Hours

37.5

Skills

Auditing (Inactive), Audit Methodology, Cybersecurity, Information Security, Information Security Auditing, Risk Management, Security Audit

At CIBC, we are in business to help our clients, employees and shareholders achieve what is important to them. Our ability to create value for all CIBC stakeholders is driven by a business culture based on common values: Trust, Teamwork and Accountability.

Working with CIBC makes you a part of a work environment committed to our clients, employees and communities - a place where you can excel.

Every day, our 44,000 employees help our clients achieve their financial goals, because what matters to our clients, matters to us.