This role involves fulfilling CIBC's second line of defense mandate by managing cybersecurity risk across the organization. The Senior Manager will assess cybersecurity risks identified by the first line of defense, challenge control effectiveness, and drive improved outcomes. Key responsibilities include owning and enhancing Cyber RCM reporting, automating reporting processes, monitoring regulatory developments impacting cybersecurity and information risk, and coordinating with stakeholders to update control mapping and remediation activities.
Fulfill CIBC's second line of defense mandate to support effective management of cybersecurity risk across the organization.
Work closely with the first line of defense (1LoD) to apply technical and risk expertise.
Assess cybersecurity risks identified by the 1LoD (e.g., through control and deficiency management, regulatory risk assessments).
Challenge control effectiveness and risk treatment plans, and drive improved outcomes.
Own and continuously improve Cyber RCM reporting, including executive and Board-level reporting.
Design and implement reporting process automation to improve timeliness, accuracy, consistency, and auditability.
Establish standardized reporting templates, metric definitions (e.g., RAS, KRIs, KPIs), calculation logic, thresholds, and data lineage/traceability, along with appropriate data quality and reconciliation checks.
Monitor regulatory developments impacting cybersecurity and information risk.
Assess applicability and impact to CIBC's control environment and reporting obligations.
Coordinate with stakeholders to translate changes in expectations into updates to control mapping, compliance posture reporting, and prioritization of remediation activities.
Review and report on cybersecurity risks related to Enterprise Information security and control landscape.
Present conclusions to senior audiences.
Keep abreast of the latest security threats and industry trends.
Conduct risk assessments and provide advisory to Technology and Cybersecurity business leaders.
Report on operational risk and controls.
Support the identification, escalation, assessment, and mitigation of risks in Technology & Cybersecurity, driving continuous improvement in control compliance and procedures.
Research and apply industry and organization frameworks to identify and evaluate risks and controls.
Stay updated on industry trends and regulatory changes affecting technology and cyber risk and make recommendations.
Partner with the business to remediate existing deficiencies in a timely manner.
Work closely with cross-functional teams to establish and maintain robust control frameworks.
Act as an integrator and liaison with all lines of defense with effective communication.
Consult on risk profiles, emerging trends, and new risks arising from regulatory changes.
Degree/diploma in accounting, cybersecurity, technology, finance or a related field.
Professional certification in Technology Risk, Cybersecurity Risk and audit related certifications (e.g. CISA, CISSP, CISM, CRISC, etc.).
Comprehensive health and dental coverage, defined benefit pension plan, employee share purchase plan, wellness programs, and flexible work arrangements.
CIBC is a leading North American financial institution with 14 million personal banking, business, public sector, and institutional clients. It offers a full range of advice, solutions, and services through its leading digital banking network and locations across Canada, the U.S., and around the world.