Internal Consultant, Cybersecurity & Technology Control Assessment Team page is loaded

Internal Consultant, Cybersecurity & Technology Control Assessment Team

Apply locations Chicago, IL time type Full time posted on Posted 3 Days Ago job requisition id 2405253

We’re building a relationship-oriented bank for the modern world. We need talented, passionate professionals who are dedicated to doing what’s right for our clients.

At CIBC, we embrace your strengths and your ambitions, so you are empowered at work. Our team members have what they need to make a meaningful impact and are truly valued for who they are and what they contribute.

To learn more about CIBC, please visit CIBC.com

STRATEGIC BUSINESS UNIT DESCRIPTION

CIBC is building a relationship-oriented bank for a modern world. Our role is to maintain an effective control environment and oversee the sound risk management of our bank, consistent with our Risk Appetite Statement. We help safeguard our reputation and brand while providing proactive advice and oversight of CIBC's compliance with regulatory requirements, including those related to consumer and investor protection, sales practices, securities trading, and anti-money laundering.

Technology Infrastructure and Innovation (TI&I) spans the areas of Technology, Information Security, Deposit Operations, Loan Operations, Project Management, Data Management Office, Corporate Real Estate, Corporate Security, and Risk & Governance. TI&I delivers operational excellence by effectively managing the technology and operations required to run the bank, enables the bank's transformation by focusing on clients, innovating for the future and simplifying operations and supporting the bank's growth objectives through flawless execution of strategic initiatives.

JOB PURPOSE

The Consultant, Operational Risk is responsible for providing assessment, consulting, and reporting on operational risk and controls involving people, technology, processes or external events that arise from audit and control testing

KEY ACCOUNTABILITIES

The role applies advanced concepts to provide guidance to lines of business during the risk assessment process to identify and evaluate risks and controls according to operational risk standards, policies and procedures.

Make decisions that influence department plans, regularly recommending new processes to develop the appropriate risk treatment for all identified, open issues. The role uses independent judgement to determine methods and approaches to work, monitoring and reviewing operational risks identified during audits. The role acts as a resource integrator for their area, providing communication and consultation on risk profiles, emerging trends, and any new risks arising from regulatory changes.

COMPLIANCE REQUIREMENTS/RESPONSIBILITIES

• As an employee of CIBC, the incumbent must comply with all applicable CIBC and Line of Business policies, standards, guidelines and controls.

AUTHORITIES/DECISION RIGHTS 

• As a key contributor to the business unit, this job has the authority to recommend changes to business processes in order to enhance operational efficiency and effectiveness.

CONDUCT & CULTURE RISK

Our CIBC risk culture is based on employees striving to exceed the expectations of ourselves and our leadership’s identification and mitigation of risks in their daily responsibilities, not just in quarterly or annual monitoring/assessments. We all are accountable for managing risk.

As an employee of CIBC the incumbent must conduct themselves (and foster an environment for others) in a manner consistent with our strong risk culture. This includes:

• Following all aspects of the CIBC Code of Conduct, as well as all applicable CIBC policies, frameworks, guidelines, processes and controls
• At all times acting in accordance with our Purpose and shared values, to achieve our Bank’s strategic goals
• Understanding and following the qualitative and quantitative components of our Risk Appetite Statements
• Completing all annual Corporate Mandatory Training and Testing modules, as well as any additional business-specific modules, as required and employing the learnings in daily activities and undertakings
• Escalating matters through one of the appropriate channels identified in the CIBC Code of Conduct (i.e., HR, management, Ethics Hotline, Whistleblower, etc.) upon observing activities that may be inconsistent with CIBC’s policies, frameworks, guidelines, processes and controls
• Speaking up if witnessing behaviors that drive poor or unfair outcomes for clients, team members or other stakeholders
• Escalating matters that can result in adverse market practices and outcomes, thereby negatively impacting CIBC’s reputation as a leading financial institution
• Work closely with the Managers and/or Program Director of the US TI&I Control Program on completion of cybersecurity on cybersecurity and information technology control design and operating effectiveness testing
• Assist in the development of cybersecurity control testing program to align requirements from Governance and Regulatory bodies
• Lead, coordinate, and liaise between US TI&I Lines of Business Leaders and other lines of defense
• Collaborate with business units in developing and monitoring corrective action plans when responding to Audit, Compliance, Self-Assessed, or regulatory examination findings
• Update and maintain a risk and control inventory remediating any gaps and inadequacies
• Maintain awareness of regulatory changes across the industry, analyzing how the changes will affect the line of business, and creating a strategy to implement such changes within US TI&I

KNOWLEDGE AND SKILLS

• Bachelor’s degree
• IT risk and control related certifications preferred (e.g. CISA, CISSP, CISM, CRSC, etc.)
• Minimum 3+ years of experience in data analytics
• Excellent analytical and interpersonal skills
• Excellent verbal and written communication skills
• Solid understanding of regulatory framework and best practices of the financial industry
• Strong project management skill with experience in delivering qualitative deliverables timely
• Ability to influence, collaborate and partner with stakeholders to achieve desired outcomes
• Strong business acumen, analytical and problem-solving skills, accountable
• Ability to manage multiple projects and/or initiatives simultaneously under tight deadlines
• 3-5 years of experience in audit/enterprise/operational risk management/or management consulting, required
• Experience auditing Information Technology, Cybersecurity, Third Party Risk, Data Management, and Operations and/or experience within these fields highly encouraged
• Experience in creating process flowcharts and following audit work programs and test scripts
• Experience in documenting concise evidence to support audit/testing conclusion
• Experience in timely responding to audit/test review notes while meeting assignment timelines
• Experience in adopting and deploying risk assessment framework knowledge and experience performing risk assessments covering key risks and controls a plus
• Ability to work independently in a team-oriented and fast-paced environment
• Comfortable performing ad-hoc statistical analysis using pivot tables, VLOOKUP, complex formulas, and other advanced Excel functions to determine root causes and trends related to testing failures

WORKING CONDITIONS

· This role operates within a normal office environment

• Travel required: Occasional

California residents — your privacy rights regarding your actual or prospective employment

What CIBC Offers

At CIBC, your goals are a priority. We start with your strengths and ambitions as an employee and strive to create opportunities to tap into your potential. We aspire to give you a career, rather than just a paycheck.

• We work to recognize you in meaningful, personalized ways including a competitive salary, incentive pay, banking benefits, a benefits program*, a vacation offering, wellbeing support, and MomentMakers, our social, points-based recognition program.

• Our spaces and technological toolkit will make it simple to bring together great minds to create innovative solutions that make a difference for our clients.

• We cultivate a culture where you can express your ambition through initiatives like Purpose Day; a paid day off dedicated for you to use to invest in your growth and development.

*Subject to plan and program terms and conditions

What you need to know

• CIBC is committed to creating an inclusive environment where all team members and clients feel like they belong. We seek applicants with a wide range of abilities and we provide an accessible candidate experience. If you need accommodation, please contact Mailbox.careers-carrieres@cibc.com

• You need to be legally eligible to work at the location(s) specified above and, where applicable, must have a valid work or study permit .

Job Location

IL-70 W Madison St, 8th Fl

Employment Type

Regular

Weekly Hours

40

Skills

Action Planning, Compliance Policies, Corrective and Preventive Action (CAPA), Data Analysis, Identifying Risks, Key Control, Microsoft Excel, Operational Control, Risk Assessments, Statistical Analysis

Similar Jobs (2)

Business Risk Assessment and Measurement Lead

locations Chicago, IL time type Full time posted on Posted 23 Days Ago

Technology Operational Risk Senior Consultant

locations Chicago, IL time type Full time posted on Posted 30+ Days Ago

At CIBC, we are in business to help our clients, employees and shareholders achieve what is important to them. Our ability to create value for all CIBC stakeholders is driven by a business culture based on common values: Trust, Teamwork and Accountability.

Working with CIBC makes you a part of a work environment committed to our clients, employees and communities - a place where you can excel.

Every day, our 44,000 employees help our clients achieve their financial goals, because what matters to our clients, matters to us. #J-18808-Ljbffr