Senior Manager, Technology & Cyber Risk Governance

We're building a relationship-oriented bank for the modern world. We need talented, passionate professionals who are dedicated to doing what's right for our clients.

At CIBC, we embrace your strengths and your ambitions, so you are empowered at work. Our team members have what they need to make a meaningful impact and are truly valued for who they are and what they contribute.

To learn more about CIBC, please visit CIBC.com

What you'll be doing

As the Senior Manager, Technology & Cyber Risk Governance, you will be responsible for conducting risk assessments, providing advisory to TI&I Technology and Cybersecurity business leaders, and reporting on operational risk and controls. You will support the identification, escalation, assessment, and mitigation of risks in Technology & Cybersecurity, driving continuous improvement in control compliance and procedures. You will research and apply industry and organization frameworks to support the organization during the risk assessment process to identify and evaluate risks and controls according to operational risk standards, policies and procedures. Additionally, you will stay updated on industry trends and regulatory changes affecting technology and cyber risk and make sound recommendations that influence appropriate risk treatment to minimize residual risk, and partner with the business to remediate existing deficiencies in a timely manner. You will work closely with cross-functional teams to establish and maintain robust control frameworks while acting as an integrator and liaison with all lines of defense with effective communication as you consult on risk profiles, emerging trends, and any new risks arising from regulatory changes.

At CIBC we enable the work environment most optimal for you to thrive in your role. You can effectively perform all work activities remotely, and will only be required to be on-site on an occasional basis.

How you'll succeed

• Internal Client Engagement - Meet with internal clients to understand their priorities and advise them on technology and cybersecurity risk management solutions. Use your knowledge of cybersecurity and technology to protect the organization by providing proactive advisory services to the technology and cybersecurity teams in deploying risk management measures and in remediating known issues.
• Risk Management - Leverage your technology and cyber security risk management expertise to share your knowledge by introducing ideas to the organization to continuously maintain an acceptable risk posture that is aligned with industry peers, regulatory requirements, and CIBC's risk appetite.
• Communication - Exhibit strong verbal and written communication skills. You will communicate effectively with internal and external teams, and different lines of business.
• Relationship Management - You'll create trusted advisory relationships with all partners across all lines of defense, inclusive of Operational Risk Management, Internal Audit, Enterprise counterparts, and control assessment teams.
• Collaboration - Engage with cross functional teams across all three lines of defense to foster open communication, value diverse perspectives, ensuring that all voices are heard, and contributing to shared success. You will build trust within the team, encouraging a supportive environment that enhances creativity and problem-solving.
• Time and Project Management - Leverage your strong project management skills to proactively manage timelines by keeping direct managers and internal clients informed of predicted/ preliminary results and proactively communicate reasonable estimated time to completion by avoiding working up to the last minute.
• Understand Requirements - Conduct analysis of processes and functional requirements to provide proactive advice and guidance to internal stakeholders to ensure that the requirements and work packages are appropriately defined and completed.

Who you are

• You have a degree/diploma in accounting, cybersecurity, technology, finance or a related field. Minimum of 5-7 years of experience in technology or cybersecurity front-line testing/audit/enterprise/operational risk management/or management consulting coupled with professional certification in Technology Risk, Cybersecurity Risk and audit related certifications (e.g. CISA, CISSP, CISM, CRSC, etc.).
• You demonstrate experience in identifying risks and control mitigants in order to provide advisory to the business in managing technology and cybersecurity risks for the organization. You have worked independently and have experience in working in cross-functional teams where you have successfully influenced without authority across all levels of the organization. You have experience in creating process flow at optimal levels to provide concise depiction of current and future state in order to identify and convey applicable risks and controls. You're creative, resourceful and tenacious, and have the ability to clearly depict information that can be communicated and presented in the most engaging and meaningful way.
• You put our internal clients first. You engage with purpose to find the right solutions. You go the extra mile, because it's the right thing to do. You ensure all critical deadlines are met without adding unnecessary steps or burden to the process that would impact internal clients negatively.
• You embrace and champion change. You're flexible and can pivot easily. You'll continuously evolve your thinking and the way you work in order to deliver your best. You're an idea generator who can execute on those ideas and lead cross-functional teams toward the finish line.
• You are a strong communicator. Expert interpersonal, communication (oral and written) and problem-solving skills, including effective engagement with all levels of the organization, including senior management, and regulators. You're a natural at summarizing complex ideas into compelling communications that are simple, brief, clear, accurate, and relevant to the target audience.
• Values matter to you. You bring your real self to work, and you live our values - trust, teamwork, and accountability.

California residents - your privacy rights regarding your actual or prospective employment

At CIBC, we offer a competitive total rewards package. This role has an expected salary range of $140,000 - $160,000 USD for the market based on experience, qualifications, and location of the position (salary ranges for various locations will be discussed during the interview). The successful candidate may be eligible to participate in the relevant business unit's incentive compensation plan, which may also include a discretionary bonus component. CIBC offers a full range of benefits and programs to meet our employee's needs; including Medical, Dental, Vision, Health Savings Account, Life Insurance, Disability, and Other Insurance Plans, Paid Time Off (including Sick Leave, Parental Leave and Vacation), Holidays and 401(k), in addition to other special perks reserved for our team members. #LI-TA

*This job is not eligible for employment sponsorship*

What CIBC Offers

At CIBC, your goals are a priority. We start with your strengths and ambitions as an employee and strive to create opportunities to tap into your potential. We aspire to give you a career, rather than just a paycheck.

• We work to recognize you in meaningful, personalized ways including a competitive salary, incentive pay, banking benefits, a benefits program*, a vacation offering, wellbeing support, and MomentMakers, our social, points-based recognition program.
• Our spaces and technological toolkit will make it simple to bring together great minds to create innovative solutions that make a difference for our clients.
• We cultivate a culture where you can express your ambition through initiatives like Purpose Day; a paid day off dedicated for you to use to invest in your growth and development.

*Subject to plan and program terms and conditions

What you need to know

• CIBC is committed to creating an inclusive environment where all team members and clients feel like they belong. We seek applicants with a wide range of abilities and we provide an accessible candidate experience. If you need accommodation, please contact
• You need to be legally eligible to work at the location(s) specified above and, where applicable, must have a valid work or study permit.
• We may ask you to complete an attribute-based assessment and other skills tests (such as simulation, coding, MS Office). Our goal for the application process is to get to know more about you, all that you have to offer, and give you the opportunity to learn more about us.

Job Location
IL-Illinois - Virtual

Employment Type
Regular

Weekly Hours
40

Skills
Analytical Thinking, Collaboration, Communication, Control Frameworks, Cybersecurity Risk Management, Decision Making, Group Problem Solving, Operation Risk Management, Risk Analytics, Risk Assessments, Risk Governance, Technology Risk