Locate this job
Senior Information Security Risk Advisor
CIBC is a leading Canadian-based global financial institution. Through our three major businesses Retail and Business Banking, Wealth Management and Wholesale Banking we provide a full range of financial products and services to 11 million individual, small business, commercial, corporate and institutional clients in Canada and around the world. We invest in our businesses, our clients, our people and our communities to deliver consistent and sustainable earnings to our shareholders. To learn more about CIBCs Lines of Business, please visit our website.
CIBC focuses on what matters to our employees access to career and development opportunities, safe and healthy workplaces, effective training, and positive work-life balance so that employees are able to perform at their best, contribute to their communities and focus on cultivating deeper relationships with our clients.
Every year, CIBC is recognized for its business success, community commitment and employee initiatives. We are proud of this success and are committed to creating an inclusive workplace and an environment where all employees can excel.
To learn more about CIBC and the CIBC Group of Companies please visit CIBC.com.
As a Senior Information Security Risk Advisor, you will join the Enterprise Architecture group to interface with a line of business to assess higher profile projects for security risks, identify the potential exposures, and present recommendations that are practical and achievable, thereby allowing the Lines of Business to make informed risk decisions.
Offer guidance to Information Security Consultants to prepare lower profile Threat Risk Assessments and Security reviews of planned initiatives across the organization.
Prepare high level security profiles for a LOB which they can use to measure their security posture across multiple initiatives.
Prepare management reporting of all security engagements and manages workload and priorities to ensure that effort is expended where risk is most prevalent.
Design and implement security assessment processes across the organization.
Weigh business needs against security concerns and recommends necessary changes to enhance information systems security. Act as a focal point to the business units for all matters of security.
Conduct security assessment on high profile initiatives.
Direct, motivate and develop key staff, maximizing their individual contribution, their professional growth and their ability to function effectively with their colleagues as a team.
Examine and interpret requirements documents, architecture diagrams and verbal information to determine if a project presents security risk to CIBC.
Adapting the security assessment process to each project depending upon the availability of information, the complexity of the material, and the level of risk the project may pose.
Applying security experience and to each project to determine if it will pose security risk to CIBC. Security risk encompasses the concepts of confidentiality, integrity, and availability.
Provide recommendations to have deviations approved from a security standard.
Providing assessment of documentation to rework aspects of projects (not just technical architecture to eliminate security risks and avoid security exposure).
What Were Looking For
Successful candidates must exhibit CIBCs values of trust, team work, and accountability
Must have Bachelors or equivalent degree in Computer Science, Engineering, or related field
Should have a CISSP or Information Security related designation
Must have 5+ years of professional Information Security/Risk experience; Information Security Management: Knowledge of processes, tools, techniques and practices for assuring adherence to standards associated with accessing, altering and protecting organizational data.
Must have extensive practical experience and knowledge of approaches, tools, techniques and roles and responsibilities in providing technical or business guidance to clients within and outside own area
Ability to establish and build healthy working relations and partnerships with clients, vendors and peers; must have effective influencing skills to impact decisions
Ability to produce a variety of business documents that demonstrate command of language, clarity of thought and orderliness of presentation
Apply on company website