Serve as a trusted advisor to stakeholders, providing proactive guidance on risk management, control design, and compliance with organizational policies, regulatory requirements, and industry standards
Lead the development and execution of GRC strategies aligned with CIBC’s risk appetite and US regulatory expectations (FFIEC, GLBA, NYDFS, NIST, COBIT, ISO)
Act as a thought leader, driving control maturity and operational risk alignment across the organization
Oversee the identification, assessment, escalation, and mitigation of IT/IS risks, ensuring alignment with enterprise risk frameworks
Maintain oversight of the global control environment impacting IS/IT, ensuring alignment with CIBC’s broader risk management objectives and US regulatory requirements
Drive continuous improvement initiatives, leveraging emerging technologies and industry trends to strengthen the control environment

Requirements

Minimum of 10 years of progressive experience in technology risk management, cybersecurity, or controls implementation within a large, complex financial institution (GSIB experience preferred)
Proven track record of developing, leading, and executing GRC strategies in a technology-driven environment
Deep knowledge of US and global regulatory requirements and industry standards (FFIEC, GLBA, NYDFS, NIST, COBIT, ISO)
Experience managing regulatory exams, audits, and industry assessments
Relevant certifications such as CISA, CRISC, CISSP, or CISM

Benefits

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

risk managementcontrol designGRC strategiescybersecuritycontrols implementationIT/IS risk assessmentcontinuous improvementemerging technologies

Soft Skills

trusted advisorproactive guidancethought leadershipstakeholder management

Certifications

CISACRISCCISSPCISM