Apply on Employer Site

CIBC US · 1 day ago

Sr. Manager, Information Security - Governance & Regulatory

Chicago, IL

Full-time

Hybrid

Senior Level, Lead/Staff

$150K/yr - $175K/yr

10+ years exp

CIBC US is building a relationship-oriented bank and is seeking a Senior Manager for their Information Security team. In this role, you will lead the risk management program, assess and manage information security risks, and collaborate with stakeholders to enhance security processes and controls.

BankingFinancial Services

No H1B

Responsibilities

Provide strategic thought leadership, building and regularly updating the US Region’s vision, roadmap, and backlogs related to Information Security

Ensure program governance across US Information Security teams

Lead the execution of detailed risk assessments, reporting of risks, and coordination with impacted stakeholders

Complete ad hoc and urgent requests from internal and external partners, and recommend new controls to reduce risks

Provide oversight of individual and team activities, supporting development of roadmaps and ensuring execution

Create powerful reports to executive management and external parties aimed at communicating Informational Security program maturity, organizational risks, status of key initiatives and projects that impact the US Region, and participate in the design and implementation of security assessment processes throughout the Information Security department

Foster collaborative relationships with a wide range of stakeholders to identify opportunities to enhance Information Security processes and controls, understand pain-points and priorities, influence direction, solve problems, and ensure successful adoption and operation of policies and standards

Grow and deepen an external network of industry contacts and participate in external forums to monitor Information Security trends, developments, and best practices and to assist in the effective benchmarking and evolution of CIBC capabilities

Qualification

Information SecuritySecurity Risk AssessmentGovernanceProject ManagementAnalytical ThinkingGroup Problem SolvingTechnical KnowledgeNetwork OperationsSecurity Operations

Required

At least 10 years of experience leading execution of information security risk and compliance assessments or audits based on industry standard frameworks and/or regulatory requirements in highly regulated industries (e.g., NIST, ISO, COSO, GLBA, NY DFS 500, FFIEC, PCI, etc.)

Information Technology experience

Action oriented, thriving when empowered to take initiative, go above and beyond, and deliver results

Passion for excellence, holding yourself and others accountable

Comfortable with ambiguity and enjoy investigating complex problems and making sense of information

Strong communication skills, verbally and in writing, with the ability to flex to needs of executives and team members within and outside of US Information Security

Goal-oriented, motivated by accomplishing individual and team based goals and consistently delivering your best

Curious learner, staying current on industry trends

Experience leading teams

Values of trust, teamwork, and accountability