Sr. Manager, Information Security - Regulatory & Examination jobs in United States

CIBC US · 1 day ago

Sr. Manager, Information Security - Regulatory & Examination

CIBC US is building a relationship-oriented bank for the modern world and is seeking a Sr. Manager in Information Security focused on regulatory and examination processes. The role involves managing regulatory exams, remediation activities, internal audits, and ensuring compliance with various regulatory requirements while fostering relationships with internal and external partners.

Banking · Financial Services

H1B Sponsor Likely

Responsibilities

End to end exam management
Ensure regulatory exam readiness
Review and suggest approach (responses, evidence) to regulatory exam letters
Coordinate response and evidence collection (which may include direct response/fulfillment), evaluating and questioning, aligning on strategic messaging, presenting to sr. leadership to align on audit ready responses
Actively engage in regulatory remediation activities, which may include analysis of regulatory feedback, suggesting recommended action, coordinating and evaluating responses, performing remediation actions, preparing regulatory update decks, creating speaking notes, ensuring messaging alignment with internal stakeholders and addressing any post meeting follow ups
Prepare oversight briefing materials, which includes recommendations on approach/key themes, with speaking notes
Coordinate follow up activities
Ensure internal teams are prepared for Internal Audit activities
Manage and socialize Internal Audit calendar
Coordinate audits, including fulfillment and evaluation of responses and evidence provided
Escalate potential issues before formal identification
Ensure timely review and response to audit reports
Oversee creation of new audit related deficiencies
Serve as point for monthly continuous monitoring
Ensure NY DFS program annual activities are completed, including the NY Branch assessment, surveys, with risks identified and actioned
Ensure FFIEC/GLBA program activities are completed, including the annual assessment with risks identified and actioned
Complete annual Regulatory Control Management activities
Complete annual Regulatory Control Requirement Assessment
Ensure overall CSO organization regulatory reporting dashboard is delivered
Monitor relevant laws, regulations and standards to ensure organization’s security practices align with regulatory requirements. Create and distribute monthly regulatory development update reporting
Assist with creation of materials for Annual Cyber Security Board Review and Quarterly Board Risk Committee Meetings
Creation of materials for various reporting committees and forums, including weekly status
Creation of materials for various reporting committees and forums, including weekly reports, business unit reviews and horizontal reviews
Oversee or complete specific enterprise, US region or department initiatives
Build strong relationships with internal and external partners, seen by them as a trusted partner
Complete ad hoc and urgent requests from internal and external partners, and recommend new controls to reduce risks
Work closely with US TI&I Risk & Controls Team, Regulatory Affairs, Operational Risk Management (ORM) and Internal Audit as required
Foster collaborative relationships with a wide range of stakeholders to identify opportunities to enhance Information Security processes and controls, understand pain-points and priorities, influence direction, solve problems, and ensure successful adoption and operation of policies and standards
Foster relationships with middle to senior management, and senior executives across a range of functions including Risk Management and Technology
Share governance best practices, based on regulatory and audit observations and feedback identified
Provide ongoing advice and direction on a variety of complex conceptual or interpretative issues
Perform regulatory controls as assigned control performer
Implement continuous improvement areas
Create and maintain procedural documentation

Qualification

Information Security · Regulatory Compliance · Risk Management · Audit Management · GRC Platforms · Regulatory Reporting · Technical Knowledge · Analytical Thinking · Group Problem Solving · Network Operations · Security Operations · Security Risk Assessment

Required

10 years in Information Security, IT Risk Management, regulatory compliance or audit functions, within a US or Canadian bank (preferably at least 5 years in a leadership role)
Deep knowledge of key information security domains including network security, IAM, data protection, vulnerability management, application security, etc
Awareness of emerging technologies and risks
Proven track record of managing banking regulatory examinations (e.g. FRB) and state specific oversight (e.g. NYDFS)
Demonstrated experience with FFIEC IT/Cyber Exam Handbook and GLBA Safeguards rule compliance
Strong understanding of control frameworks (e.g. NIST CSF)
Ability to identify regulatory themes, assess control effectiveness and spot emerging gaps
Hands on experience preparing and delivering materials for regulatory agencies and internal/external auditors
Skilled in exam logistics
Ability to determine and draft formal regulatory responses to information security issues which are clear, defensible and aligned with the overall risk posture
Experienced influencing and presenting to sr. leadership, boards and regulators
Exceptional written and verbal communication skills, with the ability to translate technical requirements into clear actionable language for regulators and executives
Strong interpersonal skills to influence without direct authority
Experience with GRC platforms (e.g. MetricStream, OneTrust, Archer)
Certified professional with current industry-recognized certifications such as CISSP, CISM, CISA
You see the big picture and operate strategically
You act like an owner. You are action oriented, thriving when you're empowered to take initiative, go above and beyond, and deliver results
You have a passion for excellence, holding yourself and others accountable
You know that details matter. You notice and question things that others don't. Your critical thinking skills help to inform your decision-making
You are a strong communicator, verbally and in writing, with the ability to flex to needs of executives and team members within and outside of US Information Security
You're goal-oriented. You're motivated by accomplishing individual and team based goals and consistently delivering your best to make a difference
You are a curious learner, staying current on industry trends
You challenge the status quo and have a passion for continuous improvement

Benefits

Medical
Dental
Vision
Health Savings Account
Life Insurance
Disability
Other Insurance Plans
Paid Time Off (including Sick Leave, Parental Leave and Vacation)
Holidays
401(k)
Banking benefits
A benefits program
A vacation offering
Wellbeing support
MomentMakers, our social, points-based recognition program
Purpose Day: a paid day off dedicated for you to use to invest in your growth and development

Company

CIBC US provides tailored commercial and personal banking services, private banking, wealth management and small business financial solutions.

H1B Sponsorship

CIBC US has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship, highlighting job fields similar to this job]
Trends of Total Sponsorships
2025 (35)
2024 (42)
2023 (29)
2022 (11)
2021 (77)
2020 (6)

Funding

Current Stage
Late Stage

Leadership Team

Brant Ahrens
Chief Administrative Officer
Company data provided by crunchbase