IT Risk and Controls Specialist
CIBC
We’re building a relationship-oriented bank for the modern world. We need talented, passionate professionals who are dedicated to doing what’s right for our clients.
At CIBC, we embrace your strengths and your ambitions, so you are empowered at work. Our team members have what they need to make a meaningful impact and are truly valued for who they are and what they contribute.
To learn more about CIBC, please visit CIBC.com (https://www.cibc.com/en/about-cibc.html)
**STRATEGIC BUSINESS UNIT DESCRIPTION**
US Technology, Infrastructure & Innovation (US TI&I) enables the continuous transformation of our Bank by accelerating the shift to digital, strengthening operational resilience, simplifying what we do, improving CIBC's speed to market and protecting our Bank's assets.
The teams work to maximize the investment in resources and technology while building an appropriate balance between high-touch client service and our fiduciary responsibility to protect CIBC, our clients, and our shareholders from undue risk.
JOB PURPOSE
You will be a part of CIBC’s US Technology Regulatory Controls team performing risk and control assessments on a wide range of technology domains and oversee implementation of technology controls in adherence to regulations, company policies and standards. You will work with technology partners to advise on control design and measurement of control maturity and gaps. You will also work with all lines of defense to manage technology control-related issues to ensure proper resolution, escalation and reporting.
You have advanced knowledge of risk treatment methodologies and approaches and will drive positive impacts through the design and execution of sound technology risk programs, including IT governance, risk management, compliance, cybersecurity, cloud privacy, third party risk management, data and resiliency.
You will be part of a dedicated and outstanding team that focuses on promoting control awareness and properly manage risks within the US Technology organization.
**KEY ACCOUNTABILITIES**
+ Accountable for effective partnership with peers in the assigned Line of Business, Lines of Defense, and other managers to oversee the successful creation, implementation and maintenance of effective technology to ensure compliance with applicable laws, rules and regulations.
+ Extensive knowledge of and experience with technology and security risks/controls.
+ Facilitates the identification and governance of gaps and drives escalation as appropriate.
+ Lead policies and procedures refresh efforts to minimize regulatory exposure.
+ Support CIBC’ s Control Framework to ensure compliance to regulatory, legislative, and operational requirements, including the efficient and effective management of issue remediation.
+ Manage execution of risk and control self-assessments, identification and evaluation of inherent risks, control strength and residual risks of key IT controls, and success execution of risk-based control testing program. Assist in the definition of the technology risk appetite statements and monitor Key Performance Indicators (KPI) and Key Risk Indicators (KRI) against our technology risk appetite.
+ Participate in business, governance, and regulatory projects, typically medium to highly complex initiatives, to identify risk and control issues.
+ Possess strong project management and organization skills to support/lead Internal audits including scope review and finalization, information requests, and potential deficiency management.
+ Support the execution of annual audit plan activities and ongoing management of the self-assessment processes. Gather documentation for external regulatory exams as required.
+ Recommend process improvements for governance of control testing programs. Review control testing results and recommend self-assessment of deficiencies. As needed develop and present Executive Reporting on the governance and controls environment.
+ Provide critical control-based decision-making information to technology leadership to ensure the operating state of the environment is adequate and meets control expectations.
+ Using automation and analytics, develop on-going technology risk reporting, monitoring key trends and defining metrics to regularly measure control effectives of technology.
+ Work with other leaders within CIBC’s technology management and all lines of defense to timely address control gaps, identify potential opportunities for improvement, and advise on control designs for large complex programs (e.g., cloud, API, third-party vendor oversight, data governance).
+ Influence behaviors to reduce risk and foster a strong technology risk management culture.
+ Strong collaboration and relationship management skills, preferably including experience with executive level management.
+ Promotes diversity and inclusion.
**KNOWLEDGE AND SKILLS**
+ Preferred Formal Education, or equivalent work experience: bachelor’s degree
+ Strong technical and analytical skills across IT audit, IT controls, cybersecurity, cloud and/or emerging technologies
+ Understanding of the components of risk management, including governance, policy, organizational design, awareness and training, architecture, technologies, processes and controls
+ Professionalism and discretion when interacting with executives and clients with polished verbal and written communication skills.
+ Demonstrated large US bank experience
+ Knowledge of applicable laws, regulations, financial services and regulatory trends
+ Strong knowledge of risk management, audit & regulatory compliance principles, practices, policies and procedures, with experience writing controls and mapping controls to regulatory requirements
+ Solid relationship building and networking, influential, ability to inspire positive outcomes
+ Detail-oriented self-starter with strong data analysis and complex problem-solving skills
+ Confident in ability to synthesize information and communicate detailed information in an impactful way
+ Solid teamwork and accountability
+ Thorough knowledge of risk/compliance/audit competencies
+ Experience executing on complex engagements at a financial institution, consulting or accounting firm, or commensurate experience in risk management, privacy, cyber or IT audit departments.
+ Critical thinker with the ability to identify more efficient processes (automation, continuous control monitoring, etc.)
+ Experience in technology controls, risk management, or cybersecurity roles, with a proven track record of designing and implementing effective control frameworks.
+ Understanding of technology infrastructure, including networks, systems, databases, and applications.
+ Experience with risk assessment methodologies, regulatory compliance requirements (e.g., GDPR, SOX, PCI DSS), and industry standards (e.g., NIST, ISO).
**WORKING CONDITIONS**
**·** **This role operates within a hybrid office environment.**
**Compensation**
_“At CIBC, we offer a competitive total rewards package. This role has an expected salary range of_ _$104,600- $140,000_ _for the market based on experience, qualifications, and location of the position. The successful candidate may be eligible to participate in the relevant business unit’s incentive compensation plan, which may also include a discretionary bonus component. CIBC offers a full range of benefits and programs to meet our employee’s needs; including Medical, Dental, Vision, Health Savings Account, Life Insurance, Disability, and Other Insurance Plans, Paid Time Off (including Sick Leave, Parental Leave and Vacation), Holidays and 401(k), in addition to other special perks reserved for our team members.”_
**What CIBC Offers**
At CIBC, your goals are a priority. We start with your strengths and ambitions as an employee and strive to create opportunities to tap into your potential. We aspire to give you a career, rather than just a paycheck.
+ We work to recognize you in meaningful, personalized ways including a competitive salary, incentive pay, banking benefits, a benefits program*, a vacation offering, wellbeing support, and MomentMakers, our social, points-based recognition program.
+ Our spaces and technological toolkit will make it simple to bring together great minds to create innovative solutions that make a difference for our clients.
+ We cultivate a culture where you can express your ambition through initiatives like Purpose Day; a paid day off dedicated for you to use to invest in your growth and development.
*Subject to plan and program terms and conditions
**What you need to know**
+ CIBC is committed to creating an inclusive environment where all team members and clients feel like they belong. We seek applicants with a wide range of abilities and we provide an accessible candidate experience. If you need accommodation, please contact Mailbox.careers-carrieres@cibc.com
+ You need to be legally eligible to work at the location(s) specified above and, where applicable, must have a valid work or study permit.
+ We may ask you to complete an attribute-based assessment and other skills tests (such as simulation, coding, MS Office). Our goal for the application process is to get to know more about you, all that you have to offer, and give you the opportunity to learn more about us.
**Job Location**
IL-70 W Madison St, 10th Fl
**Employment Type**
Regular
**Weekly Hours**
40
**Skills**
Business Controlling, Compliance Monitoring, Group Problem Solving, Information Technology (IT) Efficiency, IT Technologies, Regulatory Requirements, Risk Management Assessment, Technology Tools, Waterfall Model, Work Collaboratively
At CIBC, we are in business to help our clients, employees and shareholders achieve what is important to them. Our ability to create value for all CIBC stakeholders is driven by a business culture based on common values: Trust, Teamwork and Accountability.
Working with CIBC makes you a part of a work environment committed to our clients, employees and communities - a place where you can excel.
Every day, our 44,000 employees help our clients achieve their financial goals, because what matters to our clients, matters to us.
Confirm your E-mail: Send Email
All Jobs from CIBC